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Hadb 1: O Kali Linux 


CoflepwaHne: 

1.1 HeMHOrO MCTOPMH 

1.2 B3anMOCBfl3b c Debian 

1.3 3aAaHM i/i Bapi/iaHTbi ncno.nb30BaHi/m 

1.4 OcHOBHbie oco6eHHOCTM Kali Linux 

1.5 ilpHHUunbi Kali Linux 

1.6 rioABeASM MTOrM 

K/ifoneBbie c/iOBa r/iaBbi: 

• flncTpn6yTMB Linux; 

• npoM3BOAHbiM ot Debian; 

• 3aAaH m, c^yHKUMM, npm-iui/m; 
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Kali Linux 1 2 nEnnercn roTOBbiM ahctpm6ytmbom ayAMTa 6e3onacHOCTM 
Linux, KOTopbiPi ocHOBaH Ha Debian GNU/Linux. Ue/ieBoPi ayAHTopneM 
Kali flB/iflK)TCfl npoc^eccMOHa/ibi b ccj^epe 6e3onacHOCTM m IT 
aAMMHMCTpaTOpbl, HTO n03B0/lfieT MM npOBOAHTb TeCTMpOBaHMe Ha 
npOHMKHOBeHMe, KpMMMHa/lMCTMHeCKMM aHa/lM3 M KOHTpO/lb 
6e3onacHOCTM. 


Hto TaKoe flMCTpu6yTHB Linux? 

XoTfl 3 to o6bNHO Mcno/ib3yeTCfl KaK o6mee H33BaHMe A-rm Been 
onepauMOHHoPi cMCTeMbi, Linux - bto npocTO Ha3BaHMe aa pa, nacTM 
nporpaMMHoro o6ecneneHMfl, KOTopoe pery/inpyeT B3aMMOAePicTBMe 
Me>KAy wecTKMM auckom npM/io>KeHMfiMM KOHenHoro nonb30BaTe/ia. 
BbipaweHMe AncTpM6yTMB Linux, c ApyroPi cTopoHbi, othocmtca ko 
BcePi onepauMOHHoPi cMcreMe, nocTpoeHHoPi Ha ocHOBe Linux, aa pa, 
06 bNH 0 BK/lKDHaKDLLlSM npOrpaMMy yCTaHOBKM M MHOrO npM/10>KeHMPi, 
KOTopbie ycTaHOB/ieHbi paHbme m/im bxoa^t b ycraHOBOHHbiPi naKeT. 

Debian GN U/Linux 1 2 - bto BeAymuPi o6mnPi AncrpM6yTMB Linux, 
M3BecTHbiM cbomm KanecTBOM m cTa6M/ibHOCTbK). Kali Linux 
6a3MpyeTCjq Ha pa6oTe npoeKTa Debian m Ao6aB/ifleT cBbirne 300 
cbomx cneuManbHbix naiceTOB, OTHOCflLUMxcfl k MHc^opMauMOHHoPi 
6e3onacHOCTM, oco6eHHO, b 06/iacTM TecmpoBaHMA Ha 
npOHMKHOBeHMe. Debian - bto 6ecn/iaTHbiPi npoeKT nporpaMMHoro 
o6ecneHeHM5R, npeAOCTaBrmKDiAMPi MHO>KecTBeHHbie BepcMM cbomx 
onepauMOHHbix cmctcm, m Mbi nacro Mcno/ib3yeM TepMMH amctpm 6 ytmb 
ASM Toro, HT06bl OTHeCTM BaC K KaKOPi-TO ero KOHKpeTHOM BepcMM, 
HanpMMep, AncTpM6yTMBbi Debian Stable mjim Debian Testing. To we 
caMoe npMMeHMMO k Kali Linux — c AncrpM6yTMBOM Kali Rolling, 
HanpMMep. 


1.1 HeMHoro mctopmm 

npoeKT Kali Linux noTMxoHbKy HaHMHa/icfi b 2012, KorAa Offensive 
Security peniM/ia, hto ohm xotat 3aMeHMTb cboPi cTapbiPi npoeKT 
BackTrack Linux, KOTopbiM noAAepwMBa/icfl BpyHHyK), Ha hto-to, hto 
Morno 6bi cTaTb npoM3BOAHoPi Debian 3 co BcePi Heo6xoAHMoPi 


1 https://www.kali.org 

2 https://www. debian.org 

3 https://wiki.debian.org/Derivatives/Census 
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MHc^pacTpyKTypoPi m ynyHLueHHOM Texm/iKOM naiceTMpoBaHi/m. Bbmo 
npuHfiTO pemeHMe co3flaTb Kali Ha ocHOBe AncTpi/i6yTi/iBa Debian, 
noTOMy hto OHa M 3 BecTHa cbomm KanecTBOM, cTa6n/ibHOCTbK) m 
60/ibLUMM Bbi6opoM AOCTynHoro nporpaMMHoro o6ecneneHi/m. Bot 
noneMy a (Raphael) npMB/iei<a.ncfl k 3 T 0 My npoeKTy b KanecTBe 
KOHcy/ibTaHTa Debian. 

llepBbiM BbinycK (Bepci/m 1.0) npon30Lue/i i~oa cnycTA, b MapTe 2013, 
m 6bin ocHOBaH Ha Debian 7 "Wheezy", cTa6nnbHOM AncTpn6yTHBe 
Debian. B nepBbiPi toa pa3Bi/iTi/ifl Mbi co3Aa/in naxeTbi coTeH 
npnnO>KeHMM, OTHOCflLUHXCfl K TeCTMpOBaHHK) Ha npOHMKHOBeHMe, M 
nocTponnn no/iHOueHHyK) MHcj^pacTpyKTypy. flawe, ec/11/1 pna 
npnno>KeHMM 6bm ASMCTBHTe/ibHO Ba>xeH, cm/icoK npn/io>KeHMfl 
TmaTe/ibHO KypnpoBa/ica, nponycxafl npn/io>KeHHfl, KOTopbie 60/ibiue 
He pa6oTann m/im noBTopfl/in cBOMCTBa y>xe i/icnonb30BaBLui/iecfl b 
/lyniiiMX nporpaMMax. 

B noc/ieAyK)Lune Aaa roAa nocne Bepci/m 1.0, Kali Bbinycn/ma mhoto 
noniaroBbix ycoBepmeHCTBOBaHHM, paci±n/ipflK)Lunx paa AOCTynHbix 
npnno>KeHMM m y/iyHiiiaK)mnx noAAep>KKy pa 3 /ii/iHHoro o6opyAOBaHHA 
6naroAapfl 6onee HOBbiM BnycxaM AApa. npi/i noMomn MHBecTMUMM b 
nocTOfiHHyK) MHTerpauHK) Mbi o6ecneHi/mi/i to, hto Bee Ba>KHbie naxeTbi 
xpaHATCA b ycTaHaB/iMBaeMOM coctoahmm, h hto >kmbom 
no/ib 30 BaTe/ibCKnPi o 6 pa 3 (0T/ii/iHi/iTe/ibHafl nepTa AaHHoro 
AncTpn6yTHBa) BcerAa MO>KeT 6biTb co 3 AaH. 

B 2015 Bbim/ia Debian 8 "Jessie", Mbi pa6oTa/in HaA nepecMOTpoM Kali 
Linux Ha ero ocHOBe. Tax xax b Kali Linux 1 .x He bxoaht GNOME Shell 
(no/iaraflcb Ha GNOME Fallback BMecTO Hee), b btom BepcMH Mbi 
peniM/iM ncno/ib 30 BaTb m y/iyniiiHTb ee: Mbi Ao6aBM/in HeKOTopbie 
pacumpeHHA GNOME Shell A-rm no/iyneHi/m HeAOCTaiomHx cbomctb, 
caMbiM npMMenaTe/ibHbiM b btom AB/ifleTCA Applications menu. 
Pe 3 y/ibTaTOM btom pa6oTbi cTa/ia Kali Linux 2.0, ony6.ni/iKOBaHHafl b 
aBrycTe 2015. 


GNOME AB/ineTCfl cpeflOM pa6onero cra/ia Kali Linux no 
yMO/maHMio. 

CpeAa pa6onero CTO/ia - bto co6paHne rpacfwHecKi/ix npn/io>KeHMM, 
KOTopbie pa3Ae/iJRK)T o6mnPi rpacfwHecKm/i 1/iHcrpyMeHTapi/iM, 1/1 
KOTopbie AO/i>KHbi ncno/ib30BaTbCjq BMecTe Ha pa6oneM nnaTcj^opMe 
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no/ib30BaTe.rm. CpeAa pa6onero cmna, KaK npaBM/io, He 
ncnonb3yeTCfi Ha cepBepax. Ohm o6bNHO npeAOCTa b/i n kdt nayHnep 
npM/io>KeHMfl, cj^aPi/iOBbiM MeHeAwep, Be6-6pay3ep, email k/imcht, 
ocj^MCHoe noMemeHMe m t.a. 

GNOME 4 - caMafl nony/iapHaa cpeAa pa6onero cro/ia (BMecre c KDE 5 , 
Xfce 6 , LXDE 7 , MATE 8 ) m ohm flBrmKrrcfl y>Ke ycTaHOB/ieHHbiMM Ha 
ocHOBHbie o6pa3bi ISO, npeAOCTaB/ieHHbie Kali Linux. Ec/im BaM He 
HpaBMTca GNOME, to oneHb nerKO co3AaTb no/ib30BaTe/ibCKMM ISO 
o6pa3 co cpeAOM pa6onero CTO/ia no BameMy Bbi6opy. MHcrpyKUMM, 
KaK 3 to Ae/iaTb, ocBemeHbi Aa/ibiue b btom KHMre, b maBe 9 
"flpoABMHyToe Mcnonb30BaHMe" [cTp. 222]. 


napa/i/ie/ibHO Mbi yBe/iMHM/iM HaniM ycM/iMA, HTo6bi rapaHTMpoBaTb, 
hto y Kali Linux BcerAa npMcyTCTByeT noc/ieAHflfl BepcMfl Bcex 
npM/io>KeHMM, npeAHa3HaneHHbix Ann npoBeAeHMA TecmpoBaHMA Ha 
npoHMKHOBeHMe. K co>Ka/ieHMK), qe/ib 6bina HeMHoro He cBa3aHa c 
Mcno/ib30BaHMeM Debian Stable b KanecTBe ocHOBbi Ann 
AMCTpM6yTMBa, noTOMy hto OHa Tpe6yeT ot Hac o6ecnenMBaTb peTpo 
noAAep>KKy mhotmm naKeTaM. 3to npoMcxoAHT Bc/ieACTBMe Toro 
4)a KTa, hto Debian Stable OTAaeT npMopMTeT cTa6M/ibHOCTM 
nporpaMMHoro o6ecneneHMfl, nacTO Bbi3biBaa AO/iryK) 3aAep>KKy 
Me>KAy BbixoAOM 6onee cBe>Kero o6HOBneHMfl m MHTerpauMeM 3Toro 
06 H 0 B/ieHMjq B AHCTpM6yTMB. 

YHMTbiBaa HaniM MHBecTMpMM b HenpepbiBHyK) MHTerpauMK), 6bmo 
BnonHe ecTecTBeHHbiM maroM nepe6a/iaHCMpoBaTb Kali Linux noBepx 
Debian Testing t3kmm o6pa30M, HTo6bi Mbi mot/im M3B/ieHb no/ib3y M3 
noc/ieAHeM BepcMM Bcex naKeTOB Debian, cpa3y >Ke, KaK TO/ibKO ohm 
CTaHOBM/iMCb AOCTynHbiMM. Y Debian Testing 6onee arpeccMBHbiM 
Mmk/i o6HOBneHMa, KOTopbiPi caM no ce6e nsnnejcn 6o/iee 
coBMecTMMbiM c c^n-nococ^MeM Kali Linux. 

B cymHOCTM, 3to KOHuenuMA Kali Rolling. Bto BpeMA KaK AncTpM6yTMB 
rolling 6bm AOCTyneH coBceM He6o/ibiuoe BpeMA, Kali 2016.1 6bma 
BnepBbie oc^MUMa/ibHO BbinymeHa A-n^ Toro, HTo6bi no/iHOCTbK) 
oxBaTMTb npMpoAy rolling AncTpM6yTMBa: KorAa Bbi ycraHaB/iMBaeTe 
noc/ieAHK)K> BepcMK) Kali Bama cMCTeMa, b AeMCTBMTe/ibHOCTM, 


4 https://www. gnome.org 

5 https://www. kde.org 

6 http://www.xfce.org 

7 http://lxde.org 

8 http://mate-desktop.org 
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OTc/ie>KMBaeT AncTpn6yTMB Kali Rolling, m Kaw/jbiM ^eHb y sac 6y/ieT 
HOBoe o6HOB/ieHMe. B nponmoM, Bbinycici/i Kali 6bmu cHanmoTaMH, 
ne>KamnMM b ocHOBe AncTpn6yTMBa Debian co Bcrpoem-ibiMn b Hero 
oco6eHHbiMM Kali naKeTaMM. 

Rolling AncTpn6yTi/iB i/iMeeT MHoro npei/iMymecTB, ho y Hero TaK>Ke 1/1 
mhoto npo6neM, KOTopbie KacaKrrcfl KaK m Tex, kto co3AaeT 
AHCTpn6yTMBbl, TaK n0/lb30BaTe/ieM, KOTOpbIM npMXOAHTCJR 
cnpaBrmTbCfl c 6ecKOHenHbiM noTOKOM o6HOBneHMM, a i/morAa 1/1 
nO/lHOCTbK) C HeCOBMeCTHMbIMM M3MeHeHl/mMM. STB KHkira C03AaHa, 
HTo6bi AaTb BaM 3HaHi/m, Heo6xoAHMbie A-rm npeoAO/ieHi/m bcakmx 
HeO>KMAaHHOCTeM, KOTopbie MOryT B03HMKHyTb BO BpeMfl yCTaHOBKM M 
ncno/ib30BaHHfi Kali Linux. 


1.2 B3aMMOCBfl3b c Debian 

flncTpn6yTMB Kali Linux ocHOBaH Ha Debian Testing 9 . I/Imchho no3TOMy 
6o/ibLUMHCTBO naiceTOB, AOCTynHbix b Kali Linux, npm±i.rm np^MO H3 
peno3i/iTopi/m Debian. 

HecMOTpa Ha to, hto b ochobhom Kali Linux no/iaraeTca Ha Debian, oh 
AB/lfleTCfl nO/lHOCTbK) He3aBHCMMblM B CMbIC/ie Toro, hto y Hac eCTb 
CBOfl co6cTBeHHa?i MHcjDpacTpyKTypa, i/i b cba3m c btmm Mbi coxpaHaeM 
no/iHyK) CBo6oAy npon3BOAHTb /iK)6bie M3MeHeHi/m, KaKi/ie Mbi 
33X0TMM. 


1.2.1 ABH^eHkie naKeTOB 

Co CTopoHbi Debian, cneqHa/iMCTbi eweAHeBHO pa6oTaK)T HaA 
o6HOB/ieHneM naxeTOB i/i 3arpy3KOi/i i/ix b AncTpn6yTi/iB Debian 
Unstable. KaKmnbKO caMbie npo6neMHbie olum6km 6yAyT ycTpaHeHbi, 
naxeTbi nepeHOCATCfl b AncTpn6yTHB Debian Testing, npouecc 
nepeHOca Taioxe rapaHTi/ipyeT, hto hm OAHa 1/13 3aBi/icnMOCTei/i He 
6yAeT HapyuieHa b Debian Testing. OcHOBHaa 3aAana noAo6Horo poAa 
AGhctbhm 3aKnK)HaeTc?i b tom, hto Testing BcerAa totob k 
i/icno/ib30Ba hi/ikd (m/im Aawe k HOBOMy Bbinycicy!) 


9 https://www. debian.org/releases/testing/ 
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Ue/iM, npec/ieAyeMbie Debian Testing, no/iHOCTbK) coBnaAaiOT c 
3aAanaMM, nocTaB/ieHHbiMM nepeA Kali Linux, m mmchho noaTOMy Mbi 
B3J r/im ero 3a ocHOBy. HTo6bi Ao6aBMTb b AncTpu6yTHB cneuMa/ibHbie 
Kali naKeTbi, Mbi cneAyeM npoueccy, cocToameMy M3 AByx BTanoB. 

CHanana, Mbi 6epeM Debian Testing m npMHyAMTe/ibHO BHeAP^eM 
Ham m co6cTBeHHbie naKeTbi Kali (pacno/io>KeHHbie b HameM 
peno3MTopnn kali-dev-only') A-rm co3AaHna peno3MTopnfl kali-dev. 
3tot peno3MTopnM BpeMa ot BpeMeHH 6yAeT AaBaTb c6om: HanpMMep, 
Ha mu cneuna/ibHbie Kali naKeTbi, MoryT He ycTaHaB/iMBaTbca, noKa 
ohm He 6yAyT nepeKOMnM/iMpoBaHbi b OTHomeHMM 6onee HOBbix 
6M6/iMOTeK. B ApyrMx cMTyauMax pa3ABoeHHbie naKeTbi, TaK>Ke MoryT 
6biTb o6HOBneHbi, HTo6bi cHOBa cTaTb MHCTa/irmpyeMbiMM m/im A-rm 
Toro, HTo6bi McnpaBMTb MHCTan/iMpyeMOCTb Apyroro naKeTa, KOTopbiM 
33BMCMT ot 6onee hobom BepcMM pa3ABoeHHoro naKeTa. B /ik)6om 
c/iynae, kali-dev He npeAHa3HaneH A-rm KOHenHbix no.nb30BaTe.neM. 

Kali-rolling - ABrmeTCfl AncTpM6yTMBOM, MH(f)opMai 4 MK) o kotopom 
no/ib30BaTe/iM Kali Linux cKopee Bcero 6yAyT OTc/ie>KMBaTb. Tao<e oh 
co3AaH M3 kali-dev t3kmm >Ke o6pa30M, KaK m Debian Testing co3AaH 
M3 Debian Unstable. naKeTbi nepeHOCATca TO/ibKO TorAa, KorAa Bee 
33BMCMM0CTM MOTyT 6blTb yAOB/ieTBOpeHbl B Ue/ieBOM AHCTpM6yTMBe. 


1.2.2 YnpaBAeHMe pa3AMHMflMM c Debian 

B KanecTBe KOHCTpyKTMBHoro pemeHMjR Mbi crapaeMca KaK mo>kho 
60 /lbme MMHMMM3MpOB3Tb KO/lMHeCTBO p33AB0eHHblX naKeTOB. KaK 6 bl 
TO HM 6 bl/ 10 , HT 06 bl pea/lM30BaTb HeKOTOpbie M3 yHMKa/lbHblX 
0 C 06 eHH 0 CTeM Kali, Heo 6 xOAHMO BHeCTM pflA HeKOTOpbIX M3MeHeHMM. 
HT 06 bl OrpaHMHMTb B/lMflHMe 3TMX M3MeHeHMM, Mbi CTpeMMMCfl 
OTnpaBMTb mx «Bbime no TeneHMK)», MHTerpMpya oco 6 eHHOCTb 
HanpfiMyK) m/im nyTeM Ao6aB/ieHM?i Heo6xoAHMbix mctoaob TaKMM 
o6pa30M, HTo 6 bi 6 bmo zierKO HenocpeACTBeHHO BK.moHMTb Hy>KHbie 
cfjyHKUMM 6e3 Aa/ibHePimeM MOAn<t>MKauMM caMMx BbimecTOfuuMx 
naKeTOB. 

The Kali Package Tracker 10 noMoraeT HaM npoAO/i>KaTb OTc/ie>KMBaTb 
HaiuM M3MeHeHMa c Debian. B /iio6oe BpeMA, Mbi MO>xeM npoBepMTb, 


10 http://pkg. kali.org/derivative/kali- dev/ 
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icaicoPi naiceT 6bm pa3ABoeH, cMHxpoHM3MpoBaH /in oh c Debian m 
Tpe6yeTca /in o6HOB/ieHne. Bee Ham m naKeTbi coxpaHAKrrcfl b 
peno3MTopMflx n Git, r^e paaom HaxoAflTca BeTKa Debian m BeTKa Kali. 
5/iaroAapa 3T0My, o6HOB/ieHMe pa3ABoeHHbix naxeTOB flBrmeTCfl 
npocTbiM npoqeccoM, coctoalahm M3 AByx Hec/io>KHbix maroB: 
o6HOB/ieHne bctkm Debian m 3aTeM c/iMAHMe c BeTKoPi Kali. 

B to BpeMfl, Kax KO/iMnecTBO pa3ABoeHHbix naxeTOB b Kali AB/iaeTCfl 
OTHOCMTe/ibHO He6o/ibi±iMM, hmctio Aono/iHMTe/ibHbix naxeTOB 
AOBO/ibHO TaKM Be/iMKo: Ha anpe/ib 2017 roAa mx KO/iMnecTBO 
npn6nn>Kanocb k 400. 5o/ibLUMHCTBO btmx naxeTOB 9\ Br \ n \ OTC 9\ 
6ecnnaTHbiM nporpaMMHbiM o6ecneneHMeM, cooTBeTCTBy kdlumm Debian 
Free Software Guidelines 1112 , m Hama KOHenHaa ue/ib 3aK/iK)HaeTCfl b 
tom, HTo6bi BcerAa noAAsp>KMBaTb btm naxeTbi b Debian. K 
coKa/ieHMK), ecTbTaK>Ke Hecxo/ibKO MCK/iK)HeHMPi, KorAa npaKTMnecKM 
HeB03M0>KH0 6bmo co3AaTb npaBM/ibHoe naxeTHpoBaHMe. B 
pe3y/ibTaTe HexBaTKM BpeMeHH b Debian 6bmo OTnpaB/ieHO Hecxo/ibKO 
naxeTOB. 


1.3 3aAanM m Bapkiambi ncno/ib30BaHkm 

Ec/im, k npHMepy, ocHOBHbie 3aAann Kali MoryT 6biTb BKpaTqe 
M3/10>KeHbl B HeCKO/lbKMX c/iOBax: «TecTnpoBaHne Ha npOHHKHOBeHHe 
h ayAHT 6e3onacHOCTM», to, HecMOTpa Ha bto, no-npe>KHeMy 
cymecTByeT 6o/ibmoe KO/iMnecTBO pa3/iMHHbix 3aAan, KOTopbie 
9\bh9\[otc9\ HeorbeM/ieMoPi nacTbK) 3tmx npoueccoB. Kali Linux co3AaH 
KaK CppePlMBOpK, nOTOMy HTO OH BK/lK)HaeT B ce6a MHO>KeCTBO 
pa3/iMHHbix MHCTpyMeHTOB, npeAHa3HaneHHbix A-rm pa3Hbix 3aAan 
(XOT 9\ 3T0 He OTMeHfleT Toro C(3aKTa, HTO OHM MOryT MCn0/lb30BaTbCf1 B 
KOM6MHai4MM BO BpeMfl TeCTMpOBaHMfl Ha npOHMKHOBeHMe). 

HanpMMep, Kali Linux MOweT 6biTb Mcno/ib30BaH Ha pa3/iMHHoro poAa 
KOMnbKDTepax: oneBMAHO, hto b nepByK) onepeAb penb mast o 
HoyT6yKax neHTecTepoB, ho Tai<>Ke Kali Linux MO>KeT 6biTb 
Mcno/ib30BaH Ha cepBepax cMCTeMHbix aAMMHMCTpaTopoB, >xenaK)mnx 
OTcne>KMBaTb cocToaHMe cbomx ceTePi, Ha pa6oHMx nnaTcjDopMax 
KpMMMHa/iMCTMnecKMx aHa/iMTMKOB m, hto caMoe Heo>KMAaHHoe, Ha 


11 http://git.kali.org 

12 https://www.debian.org/social_contract 
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cicpbiTbix BCTpoeHHbix ycrpoi/icTBax, KaK npaBn.no, c npopeccopaMM 
ARM, KOTopbie MoryT 6 biTb npi/icoeAHHeHbi k Anana30Hy 
6 ecnpoBOAHoPi ceTH v\nv\ noAK/iKDHeHbi k KOMnbKrrepy qe/ieBbix 
no/ib30BaTeneM. MHori/ie ARM ycrpoPicTBa flBrmK)Tc?i npeKpacHbiMi/i 
ManiMHaMM Ann npoBeAem/m aTaKi/i 6 /iaroAapa CBoeMy He 6 o/ibiuoMy 
pa3Mepy m Ma/ieHbKOMy KO/ii/mecTBy noTpe 6 /ifieMOM 3Hepn/m. Kali 
Linux TaK>xe MO>KeT pa 6 oTaTb b o 6 /naKe Ann co3AaHi/m KOHr/iOMepaTa 
MaLUMH, 3aHMMaK)LUHXCJR B3/10M0M napO/ieM, M Ha M 06 M/lbHblX 
Tenecj^OHax m n/iaHLueTax Ann npoBeAeHi/m nopTaTHBHoro 
TeCTHpOBaHHa Ha npOHHKHOBeHMe. 

Ho m 3to eme He Bee; neHTecTepbi Tao<e Hy>KAaK)TCfl b cepBepax Ann 
ncno/ib30BaHHfi nporpaMMHbix cpeACTB BHyTpi/i KOMaHAe 
neHTecTepoB, Ann HacrpoMKi/i Be 6 cepBepa h ero noc/ieAyK>mero 
i/icno/ib30BaHi/m b c^muMHroBbix KaMnaHi/mx, Ann 3anycKa ycrpoPicTB 
no CKaHMpOBaHMK) ya3BHMOCTeM M ApyrMX nOA 06 HblX MHCTpyMeHTOB. 

Iloc/ie Toro, KaK Bbi 3arpy3MTe Kali, Bbi 6 biCTpo o 6 Hapy>Ki/iTe, hto 
rnaBHoe MeHK) Kali Linux opraHH30BaHO no TeMaM, cooTBeTCTByK>mnM 
pa3/iMHHbiM 3aAaHaM m agmctbuam, KOTopbie xopomo noAOMAyT Ann 
neHTecTepoB h Apyrux cne 14 Ma.nl/icTOB no MHc|3opMai4MOHHOM 
6e3onacHOCTM, KaK noKa3aHO Ha pucyHKe 1.1 «MeHK) npn/io>KeHMM 
Kali Linux "[CTp. 6 ]. 



Figure 1.1 Men/o npuno>KeHuu Kali Linux 


3th 3aAann m HanpaB/ieHHfl AeflTe/ibHOCTM BK/nonaiOT b ce 6 a: 


• C6op MH4>opMai4MM: c6op AaHHbix o ueneBOM ceTM m ee 
CTpyKType, MA6HTM(f)MKai4Mfl KOMnbKDTepOB, MX OnepaUMOHHblX 
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CMCTeM h c/iy>K6, KOTopbie ohh 3anycKaK)T. OnpeAeneHne 
noTeHuna/ibHO yfl3BMMbix nacrePi MHct>opMai 4 MOHHoPi cMcreMbi; 

• AHa/iM3 y« 3 BMMOCTeM: 6bicTpafl npoBepKa noKaweT, noAsepweHa 
n m noKa/ibHaa mjim yAa/ieHHafl MamuHa b/imahmk) KaKoPi-/iM6o 
M3BecTHOM yji3BHMOCTM mjim He6e3onacHoPi KOHcJ^nrypaunM. CKaHep 
yjq3BMMOCTePi Mcno/ib3yeT 6a3bi AaHHbix, KOTopbie coAep>KaT 
Tbicj^Hn pa3/ii/iHHbix noAnucePi Ann onpeAe/ieHMA noTeHunanbHbix 
yfl3BMMOCTePi; 

• AHa/iM3 Be6 npn/io>KeHMM: onpeAe/iem/ie HenpaBM/ibHbix 
KOHcjDMrypauMM m c/ia6bix MecT b 6e3onacHOCTM Be6 npnno>KeHMPi. 
OneHb b3>kho onpeAe/iMTb m cbcctm k MUHUMyMy B/iMAHMe 
noAo6Hbix yrpo3, TaK KaK ny6/iMHHafl AOCTynHOCTb btmx 
npn/io>Kei-mPi nenaer mx MAea/ibHoPi MmueHbK) Ann 
3 n oy m bi LLm e h h n ko b ; 

• OqeHKa 6a3bi AaHHbix: ot SQL HHteKUkin ao aTaKM c ue/ibK) 
Kpa>Kn yneTHbix AaHHbix, aTaKM Ha 6a3bi AaHHbix n&nn\oicn oneHb 
pacnpocTpaHeHHbiM BeKTopoM aTaKH. K 3T0My poAy AOflTejibHOCTM 
OTHOCflTCfl MHCTpyMeHTbl, A/lfl npOBepKM BeKTOpa aTaKH, HaHHHafl 
OT SQL HHteKUHH H 3aKaHHMBafl H3BTieHeHMeM H aHa/lH30M 
AaHHbix; 

• B3/10M napo/in: cncTeMbi ayTeHTnc|)HKai 4 i/m BcerAa xopomo 
3H3K0Mbi c BeKTopaMH aTaK. 3Aecb HaxoAHTcsi oneHb mhoto 
no/ie3Hbix MHCTpyMeHTOB, HaHHHasi c HHCTpyMeHTa B3/iOMa napo/ia 
OH/iaPiH BIUlOTb AO aBTOHOMHbIX aTaK npOTHB 3aLUHCt)pOBaHHblX H/1H 
X3LUHpOBaHHblX CMCTeM; 

• EecnpoBOAHbie stskm : floBO/ibHO 6o/ibi±iafl pacnpocTpaHeHHOCTb 

6ecnpoBOAHbix ceTePi 03HanaeT, hto ohm BcerAa 6yAyT 

npeACTaBTuiTb 6o/ibi±ioPi MHTepec A-rm 3/ioyMbiiu/ieHHMKOB m 
BbicTynaTb oahmm m3 BeKTopoB aTaK. E/iaroAapfl LUMpoKOMy 
cneKTpy i"ioaagp>kkm HecKO/ibKMx 6ecnpoBOAHbix KapT Kali 
ABJiaeTCfl oneBMAHbiM Bbi6opoM A-n^ npoBeASHMfl aTaK Ha 
HecKO/ibKO TMnoB 6ecnpoBOAHbix ceTePi; 

• 06paTHan pa3pa6oTKa: o6paTHafl pa3pa6oTKa AB/iaeTCfl 
HanpaB/ieHMeM AeflTe/ibHOCTM, KOTopbiPi ct3bmt nepeA co6oPi 
MHO>KecTBO 3aAan. B paMKax noAAep>KKM aTaKyiomux AeP icTBMPi 
o6paTHaa pa3pa6oTKa BbicTynaeT ocHOBHbiM mctoaom A-na 
MASHTMCf)MKaUMM pa3/lMHHblX yfl3BMMOCTeM M pa3pa60TKM 
BKcnnoPiTa. B ue/iax 3amnTbi o6paTHas pa3pa6oTKa Mcno/ib3yeTCfl 
Ann aHa/iM3a BpeAOHOCHoro nporpaMMHoro o6ecneHeHMfl, 
Mcno/ib3yeMoro bo BpeMA aTaKM. B noAo6Hbix cMTyauMax ocHOBHaa 
ue/ib 3aK/iK)HaeTC}i b tom, HTo6bi onpeAe/iMTb bo3mo>khoctm 
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ocymecTB/iaeMOM npoTHB Bac AejiTe/ibHOCTH; 

• 1/lHCTpyMeHTbi BKcn/iyaTaqun: BKcn/iyaTaunji, h/i h 

ncno/ib30BaHne (paHee HA6HTHc|3Hi4HpyeMOH) yji3BHM0CTH, 
no3BormeT BaM no/iyni/iTb KOHTpo/ib HaA yAa/ieHHOH ManiHHOH (h/ih 
ycTpoPicTBOM). flaHHbiPi AOCTyn mo>kho Hcno/ib30BaTb b 
AaribHePiLueM A-rm npoBeAeHHJi aTaic c ue/ibK) pacuiHpeHHJi npaB 
/lOKa/lbHO Ha B3/10MaHH0H MaLUMHe HJ1H Ha APyrHX MaLUMHaX, 
AOCTynHbix b AaHHoPi ziOKa/ibHOH ceTH. flaHHa n KaTeropi/m 
COAep>KHT MHO>KeCTBO HHCTpyMeHTOB H yTH/lHT, KOTOpbie HaMHOTO 
ynpomaKDT npouecc HanncaHHJi Baninx co6cTBeHHbix 3Kcn/i0HT0B; 

• Sniffing m Spoofing: nonyneHMe AOCTyna k AaHHbiM bo BpeMA hx 
nepeMemeHi/m BHyTpn ceTH BcerAa nBnnejcn oneHb BbiroAHbiM unn 
3/ioyMbimneHHHKa. 3Aecb Bbi MO>KeTe HaPiTH spoofing HHCTpyMeHTbi, 
KOTOpbie no3BO/i^T BaM BbicTynaTb b ponn 3aKOHHoro 
no.nb30BaTe.rm, a Ta K>Ke sniffing HHCTpyMeHTbi, KOTOpbie 
npeAOCTaBJIT BaM B03M0>KH0CTb 3aXBaTblBaTb H aHa/lH3MpOBaTb 
AaHHbie np^MO b momcht hx nepeAann. l/lcno/ib30BaHne AByx bthx 
HHCTpyMeHTOB BMecTe Ae-naeT hx HaMHoro 6o/iee MomHbiMH, neM 
npHMeHeHne hx no otas/ibhocth ; 

• nocT 3Kcn/iyaTaMMn: KaK mnbKO Bbi no/iynn/in AOCTyn k cncreMe, 
Bbi, cKopee Bcero, 3axoTHTe coxpaHHTb AaHHbiPi ypoBeHb AOCTyna 
h/ih paciiinpHTb ero, npoABHra^cb Aa/iee b ceTH. HHCTpyMeHTbi, 
KOTOpbie noMoryT BaM b 3tom, HaxoAflTCfl 3Aecb; 

• Forensics: >KHBaji KpHMHHa/iHCTHHecicaji cpeAa 3arpy3KH Linux 
cra/ia oneHb nony/mpHoPi b noc/ieAHne roAbi. Kali coagp>kht 
6o/ibi±ioe KO/innecTBO nony/mpHbix KpHMHHa/iHCTHHecKHx 
HHCTpyMeHTOB Ha ocHOBe Linux, no3BO/mK)LUHx BaM Ae/iaTb 
a6conK)THO Bee, HannHaa ot nepBOHana/ibHoPi copthpobkh h 
co3AaHHA o6pa3a AaHHbix ao no/iHoro aHa/iH3a h ynpaB/ieHHJi 
Ae/iaMH; 

• HHCTpyMeHTbi fljin OTHeTa: TecTHpoBaHne Ha npoHHKHOBeHne 
CHHTaeTCjq no/iHOCTbK) 3aKOHneHHbiM, KorAa Bee ero pe3y/ibTaTbi 
OTo6pa>KeHbi b OTneTe. flaHHa n KaTeropHJi coagp>kht HHCTpyMeHTbi 
A/i5i noMOLUH b oSteAHHeHnn AaHHbix, co6paHHbix cneuna/ibHbiMH 
HHCTpyMeHTaMH, 06 Hapy>KeHHH HeOHeBHAHbIX B3aHMOCB513eH H 
npHBeASHHH Been HHcj^opMauHH b pa3nHHHbie OTneTbi; 

• HHCTpyMeHTbi fl/lfl COMMa/IbHOM MH>KeHepHM: KOrAa 

TexHHHecKasi cTopoHa xopomo 3amHmeHa, Macro cymecTByeT 
B03M0>KH0CTb Hcno/ib30BaTb noBeAeHne He/iOBeica b HHTepecax 
aTaKyiomen CTopoHbi. l/lcno/ib3yji npaBH/ibHoe B/iHJiHHe, /liOAePi 
nacTO MoryT no6y>KAaTb k ashctbhjim, KOTOpbie ct3B5it noA yrpo3y 
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6e3onacHOCTb cpeAbi. CoAepwa/i jim USB HaKonMTe/ib, KOTopbiM 
ceKpeTapb TonbKO hto BCTaBM/i b KOMnbKrrep, BpeAOHOCHbiM PDF 
C^aPi/l? 1/1 /1M B03M0>KH0 3T0 6bl J1 TpOflHCKMM KOHb, ycneillHO 

yCTaHOBMBLUHM 63KAOP? Ebl/l /1M 6aHKOBCKMM CaMT, Ha KOTOpOM 
TonbKO hto aBTopn3npoBa/icjR 6yxra/iTep, TeM caMbiM caMTOM m/im 
>Ke 3to 6bina ero MAea/ibHaa Koni/m, KOTopaa Mcno/ib3yeTCfl b uermx 
c^mui/mra? 3Ta KaTeropna coAep>KMT MHcrpyMeHTbi, KOTopbie 
noMora kdt BaM b AaHHbix TMnax aTaKM; 

• CiiCTeMHbie cny>K6bi: AaHHaa KaTeropMfl coagp>kmt 

MHCTpyMeHTbi, KOTopbie no3BO/i?iK)T BaM 3anycKaTb m 
ocTaHaB/iMBaTb npnno>KeHMfi, KOTopbie pa6oTaK)T b <£ohobom 
pe>KMMe b KanecTBe cMcreMHbix cny>K6. 


1.4 OcHOBHbie oco6eHHOCTM Kali Linux 

Kali Linux AB/iaeTCfl AncTpn6yTMBOM Linux, KOTopbiM coAep>KMT cbokd 
C 06 CTBeHHyK) KO/ineKUMK) COTeH MHCTpyMeHTOB M npOrpaMMHblX 
cpeACTB, cneukiaribHO npncnoco6neHHbix A-rm cbomx ueneBbix 
no/ib30BaTe/iePi - neHTecTepoB m Apyrnx cneuMarmcTOB cc^epbi 
6e3onacHOCTM. TaK>Ke oh nocTaBrmeTCfl c MHCTa/irmTopoM Arm no/iHOM 
ycTaHOBKM Kali Linux b icanecTBe ochobhom onepaqMOHHOM cMcreMbi 
Ha /ik)6om KOMnbKDTep. 

3to noHTM to >Ke caMoe, hto m Ha MHO>KecTBe Apyrux cymecTByK>mnx 
AncTpn6yTHBax, ho ecTb cneuManbHbie OT/iMHMTe/ibHbie oco6eHHOCTM, 
KOTopbie BbiAe/iflK)T Kali Linux cpeAM ApyrHx AncTpn6yTMBOB. 
Bo/ibLUMHCTBO M3 3tmx oco6eHHOCTeM npeAHa3HaneHbi Ann 
o6c/iy>KMBaHMjR KOHKpeTHbix Hy>KA neHTecTepoB. flaBaMTe 
n03HaK0MMMCf1 no6/lM>Ke C HeKOTOpbIMM M3 HMX. 


1.4.1 >KMBafl CMCTeMa 

B OT/iMHMe ot ApyrMX AHCTpM6yTMBOB Linux, r/iaBHbiM o6pa3 ISO, 
KOTopbiM Bbi cKanMBaeTe, npeAHa3HaneH He TO/ibKO Arm ycTaHOBKM 
onepauMOHHOM cMCTeMbi; oh Taioxe MO>KeT 6biTb Mcno/ib30BaH KaK 
caM03arpy>KaeMa?i >K\Asan CMCTeMa. flpyrMMM c/iOBaMM, Bbi MO>KeTe 
Mcnonb30BaTb Kali Linux, He ycraHaB/iMBafl ero, npocTO nyTeM 
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3arpy3Ki/i o6pa3a ISO (o6biHHO noc/ie KormpoBam/m o6pa3a Ha USB 
HOCMTe/lb). 

>KnBafl cMCTeMa coa6P>kmt MHcrpyMeHTbi name Bcero Mcno/ib3yeMbie 
neHTecTepaMM, TaK hto Aawe, ec/iM Kali Linux He AB/iaeTCfl cmctcmom, 
KOTopyK) Bbi ncno/ib3yeTe M30 ah a b AeHb, Bbi npocTO MO>KeTe 
BCTaBMTb KOMnaKT auck m/im USB HaKonMTe/ib m nepe3arpy3i/iTbCfl A-rm 
3anycKa Kali. OAHaico, noMHi/ue, hto HacrpoMKM no yMonnaHMio HE 
COXPAHflT M3MeHeHM5q noc/ie nepe3arpy3KM. Ec/ii/i Bbi BbicraBM/iM b 
H acTpoMKax coxpaHeHMe c noMombK) USB (cmotpm pa3Ae/i 9.4, 
"flo6aB/ieHne coxpaHeHMA c noMombK) USB Ha >kmbom ISO"), Bbi 
MOweTe HacTpaMBaTb cMcreMy no cBoeMy BKycy (M3MeHATb c^aM/ibi 
KOHc|3nrypai4Mn, coxpaHATb OTneTbi, o6HOBJiaTb nporpaMMHoe 
o6ecneHeHne h, HanpMMep, ycraHaB/iMBaTb Aono/iHMTe/ibHbie 
naxeTbi), m Bee \A3Menen\A9\ 6yAyT coxpaHeHbi, noc/ie nepe3arpy3KM. 


1.4.2 Pe>KMM KpMMMHaAMCTMHeCKOM 3KCnepTM3bl 

B o 6 meM, npoBOAfl JiK> 6 yK> KpMMMHa/iMCTMHecicyK) pa 6 oTy Ha CMCTeMe, 
Bbi XOTHTe M 36 e>KaTb KaKMX-/ln60 AeMCTBMM, KOTOpbie CMOr/lM 6 bl 
M 3 MeHMTb AaHHbie Ha aHa/iM3MpyeMoPi CMCTeMe. K co>Ka/ieHMK), 
coBpeMeHHbie cpeAbi pa 6 onero CTO/ia, icaic npaBM/io, MewaiOT btom 
Menu, nbiTaacb aBTOMaTMnecKM MOHTi/ipoBaTb /iK) 6 bie o 6 Hapy>KeHHbie 
mm ahck (m). fl/ifl Toro HTo 6 bi M 36 e>KaTb noAo 6 Horo noBeAGHMJi y Kali 
Linux eCTb pe>KMM KpMMMHa/lMCTMHeCKOM 3 KCnepTM 3 bl, KOTOpbIM MO>KHO 
BK/HOHMTb M 3 MeHK) 3 arpy 3 KM. flaHHbIM pe>KMM 3 a 6 /iOKMpyeT Bee 
noAo6Hbie cbomctb3. 

XMBaa CMCTeMa, b nacmocTM, AB/iaeTCfl oneHb none3HOM b 
KpMMMHa/lMCTMHeCKMX Ue/lAX, nOTOMy HTO OHa n03B0/15ieT 
nepe3arpy3MTb /ik)6om KOMnbKrrep b CMCTeMe Kali Linux 6e3 
M3MeHeHM5i m/im no/iyneHMA AOCTyna k >KecTKOMy Ancicy. 


1.4.3 noAb30BaTeAbCKoe fl^po Linux 

Kali Linux BcerAa npeAOCTaB/iaeT noc/ieAHee HacTpoeHHoe aapo 
L inux, ocHOBaHHoe Ha BepcMM Debian Unstable. 3 to o6ecnenMBaeT 
HaAS>KHyK) annapaTHyio noAAsp>KKy, oco6eHHO A-rm LUMpoKoro 
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cneKTpa 6ecnpoBOflHbix ycrpoMCTB. 51 apo MOAepHM3npoBaHO A-rm 
noAAep>KK m 6ecnpoBOAHoPi MH^eKUMM, nocKO/ibicy MHorne cpeACTBa 
oqeHKM 6e3onacHOCTM 6ecnpoBOAHOM ceTM no/iaraiOTCfl Ha 3Ty 
(f)yHKI4MK). 

nocKonbKy Ha mhotmx annapaTHbix ycrpoi/icTBax Tpe6yK)Tca 
o6HOB/ieHHbie c^ai/mbi npouiMBKM (MO>KeT 6biTb HaPiAeHO b Aib / 
firmware /), Kali ycraHaB/iMBaeT hx Bee no yMO-nnaHMio, BK/nonafl 
npoLUMBKy, AOCTynHyK) b 3aKpbiTOM ceKUMM Debian. Ohm He 
ycTaHaB/iMBaKrrcfl no yMO/inaHMio b Debian, noTOMy hto ohm 9\Br\$\tOTC5\ 
3aKpbiTbiMM m, c/ieAOBaTe/ibHO, He nBnntOTcn HacTbK) Debian. 


1.4.4 lloAHOCTbK) HacTpaMBaeMa^ 

Kali Linux co3AaHa neHTecrepaMM A-rm neHTecTepoB, ho Mbi npeicpacHO 
noHMMaeM, hto Aa/ieKO He Bee comacflTCfl c HaniMMM npoeKTHbiMM 
peilieHMflMM M/1M Bbl6opOM MHCTpyMeHTOB RKK BK/lKDHeHMfl nO 
yMonnaHMK). YHMTbiBaa Bee BbiiiiecKa3aHHoe, Mbi BcerAa yBepaeM, hto 
Kali Linux AB-rmeTca oneHb zierKO HacrpaMBaeMOM noA BaniM /lMHHbie 
Hy>KAbi m noTpe6HOCTM onepauMOHHOM cmctcmom. C btom qe/ibK), Mbi 
ny6/iMKyeM live-build KOHcjDMrypauMK), KOTopaa Mcno/ib3yeTCfl f\r\9\ 
Toro, HTo6bi BbiCTpoMTb Kali o6pa3 TaK, HTo6bi Bbi momm HacTpaMBaTb 
ero no BameMy >Ke/iaHMK). TaKMM o6pa30M, craHOBMTCfl oneHb zierKO 
HanaTb c btom ony6/iMKOBaHHOM KOHcjDMrypauMM m pea/iM30BaTb 
pa3/lMHHbie M3MeHeHMf1, OCHOBaHHbie Ha BaLUMX nOTpe6HOCTflX, 
6naroAapfl yHMBepca/ibHOCTM live-build. 

Live-build BK/iionaeT b ce6a MHO>KecTBO cbomctb A-rm y/iyHi±ieHMfl 
yCTaHOB/ieHHOM CMCTeMbl, yCT3H0BKM AOnO/lHMTe/lbHblX Cf)aM/10B, 
ycTaHOBKM AononHMTe/ibHbix naKeTOB, Bbino/iHeHMA npoM3BO/ibHbix 
KOMaHA M M3MeHeHMf1 3H3H6HMM, npeABapMTe/lbHO 3arpy>KeHHblX B 
debconf. 


1.4.5 HaA,e>KHafl onepau,MOHHafl CMCTeMa 

no/ib30BaTe/iM AaHHoro auc TpM6yTMBa A-rm o6ecneHeHMA 
6e30naCH0CTM BnO/lHe 33KOHHO XOTflT 3HaTb, HTO AaHHOM 
onepauMOHHOM cMCTeMe mo>kho AOBep^Tb, m hto OHa 6bma 
pa3pa60TaHa TaKMM 06pa30M, HT 06 bl Ka>KAblM MMe/1 B03M0>KH0CTb 
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03HaK0Mi/iTbCfl c McxoAHbiM koaom. Kali Linux pa3pa6oTaH He6o/ibi±iOM 
KOMaHAOi/i BbicoKOKnaccHbix cneuna/ii/icTOB, pa6oTaK>mnx Bno/iHe 
OTKpbiTO m npi/iAep>KMBaK)mnxcfl nymiiMx TpaA^UMM 6e3onacHOCTM: 
ohm 3arpy>KaK)T noAnMcaHHbie McxoAHbie naKeTbi, KOTopbie 3aTeM 
co3AaK)TC3R Ha cneuMa/iM3MpoBaHHbix AeMOHax c6opkm. 3aTeM naKeTbi 
coeAHHfiKDTCfi m pacnpocrpaHAiOTCfl KaK nacTb noAnMcaHHoro 
pen03MT0pM5R. 

Pa6oTa, npoAenaHHaa c naKeTaMM, MO>KeT 6biTb no/iHOCTbK) 
npocMOTpeHa nepe3 peno3MTopMM naKeTMpoBaHMA Git 13 (KOTopbie 
coAep>KMT noAnMcaHHbie Tern), KOTopbie Mcno/ib3yK)TCfl Ann co3AaHM?i 
McxoAHbix naKeTOB Kali. Pa3BMTMe Ka>KAoro M3 naKeTOB mo>kho 
OTC/ieAHTb C flOMOLUbK) CMCTeMbl OTC/ie>KMBaHM5q Kali 14 . 


1.4.6 McnoAb3yeTCfl b lijmpokom Anana30He ycrpoMCTB ARM 

Kali Linux npeAOCTaBrmeT ABOMHHbie naKeTbi A-na c/ieAyK)Lunx ARM 
apxMTeKTyp: armel, armhf, and arm64. B/iaroAapfl oneHb nerKO 
ycTaHaBnMBaeMOMy o6pa3y, KOTopbiM 6bm npeAOcraB/ieH Offensive 
Security, Kali Linux MOweT pa6oTaTb Ha MHO>KecTBe pa3/iMHHbix 
ycTpoPicTBax, HaHMHa co cMapTcf)OHOB m nnaHiiieTOB, 3aKaHHMBaa Wi¬ 
Fi poyTepaMM m KOMnbiOTepaMM pa3/iMHHbix paMepoB m cj^opM. 


1.5 npMHL^kinbi pa6oTbi Kali Linux 

Xojn Kali Linux cTpeMMTca cneAOBaTb no/iMTMKe Debian, rAe bto 
B 03M0>KH0, eCTb HeKOTOpbie 06 /iaCTM, TAe Mbl npMH^/lM AOBO/lbHO 
cneuMcj^MHecKMe npoeKTHbie peuieHMA M3-3a oco6bix noTpe6HOcreM 
npoc^eccMOHanoB b o6nacTM 6e3onacHOCTM. 


1.5.1 Oa,hh root noAb30BaieAb no yMOAHaHMK) 

BonbiiiMHCTBO AncTpM6yTMBOB Linux oneHb pa3yMHO noompflKrr 
Mcnonb30BaHMe HenpMBM/nerMpoBaHHOM yneTHOM 3anMCM npM 3anycKe 
CMCTeMbl M MCn0/lb30BaHMM TaKOM yTM/lMTbl, KaK sudo, B CMTyaUMflX, 


13 http://git. kali.org 
14 http://pkg.kali.org 
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Korfla Heo6xoAHMO o6naAaTb npaBaMM aAMMHMCTpaTopa. 3 to 3byhmt 
BnonHe pa3yMHO, Tax KaK Mbi no/iynaeM Aono/iHMTe/ibHbiM cjiom 
3amnTbi Me>Kfly no/ib30BaTe/ieM m noTeHUkia/ibHbiMH Aecrpy ktmb h bi m m 
m/im BpeAOHOCHbiMM onepauMAMM, m/im KOMaHAaMM onepauMOHHOM 
CMCTeMbi. 3to flBrmeTCfl oco6eHHO BepHbiM noAxoAaM A-rm CMCTeM c 
6onee neM oahmm no.nb30BaTe.neM, rae bto ABJiaeTCfl Heo6xoAHMOM 
Mepoi/i 6e3onacHOCTM, Tax xax oahh no/ib30BaTe/ib MOweT McnopTMTb 
m/im noBpeAHTb pa6oTy mhotmx no.nb30BaTe.neM. 

B CBA3M c TeM, hto 6o/ibiiiMHCTBO KOMaHA, BK/iK)HeHHbix b Kali Linux, 
MoryT 6biTb Bbino/iHeHbi nmub b tom c/iynae, ec/iM no/ib30BaTe/ib 
o6naAaeT root npaBaMM, to aicicayHT c AaHHbiMM npMBM/iemflMM 
9\Br\9\eTC9\ aKKayHTOM no yMO/inaHMK). B OT/iMHMe ot ApyrMx 
AMCTpM6yTMBOB Linux BaM He 6yAeT npeA-no>KeHO co3AaTb 
HenpMBM/ierMpoBaHHoro no/ib30BaTerm npn ycraHOBKe Kali. 3Ta 
KOHKpeTHaa no/iMTMKa flBrmeTCfl cepbe3HbiM OTK/iOHeHMeM ot 
6onbiiiMHCTBa cMcreM Linux m, KaK npaBM.no, oneHb 3anyTaHHa A-rm 
MeHee onbiTHbix no.nb30BaTe.neM. HaHMHaK)i±ine AO/i>KHbi 6biTb 
oco6eHHO ocTopo>KHbi npu Mcno/ib30BaHMM Kali, nocKO/ibKy caMbie 
pa3pyiiiMTe/ibHbie olum6km B03HMKaK)T npu pa6oTe c npMBM/ierMAMM 
root. 


1.5.2 CeTeBbie CAy>K6bi 3a6AOKMpoBaHbi no yMOAHaHMK) 

B OT/iMHMe ot Debian, Kali Linux 6/iOKMpyeT /iK)6yK) ycTaHOB/ieHHyK) 
c/iy>K6y, KOTopaa 6yAeT npoc/iyuiMBaTb ny6/iMHHbiM ceTeBOM 
MHTepcjDeMC no yMO/inaHMK), TaKOM KaK HTTP m SSH. 

OcHOBaHMeM A-n^ Taicoro peuieHMA ABrmeTCfl MOTMBauMA 

MMHMMM3MpOB3Tb B03M0>KH0CTb BblAB/ieHMA BO BpeMfl TeCTMpOBaHMfl 
Ha npoHMKHOBeHMA, KorAa nK)6bie Heo>KMAaHHbie ceTeBbie 
B3aMM0AeMCTBMf1 yBe/lMHMBaK)T PMCKM 6blTb o6Hapy>KeHHbiM. 

Bbi Bee eme MOweTe bk/ikdhmtb /iK)6yK) c/iy>K6y no BameMy Bbi6opy 
nyTeM 3anycKa systemctt enable service. Mbi eme BepHeMca k btomy 
H eMHoro no3>xe b maBe 5, "HacrpaMBaeM Kali Linux". 
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1.5.3 KypaTopcKMM Ha6op npn/io>KeHMM 

Debian crpeMMTCfl 6biTb yHMBepca/ibHOM onepauMOHHOM cMcreMoPi m 
noaTOMy HaKnaflbiBaeT oneHb He6o/ibLune orpam/Nem/ifl Ha to, hto 
6yAeT naiceTMpoBaHO, noApa3yMeBaa, hto y Ka>KAoro naiceTa 
HaMAeTca cbom nonb30BaTenb. 

B OT/ii/iHMe ot 3Toro, Kali Linux He naKeTi/ipyeT Bee AOCTynHbie 
MHCTpyMeHTbi A-rm TecmpoBaHMA Ha npoHMKHOBeHMe. Bmccto btoto, 
Mbi HaMepeBaeMca npeAOcraBMTb TO/ibKO caMbie /lynuiMe 
MHCTpyMeHTbi c 6ecnnaTHOM /iMMeH3MeM, KOTopbie cnoco6Hbi 
CnpaBMTbCfl npaKTMHeCKM CO BCeMM 3aA9HM51MM, B03HMKaK)LUHMM y 
neHTecTepa. 

Kali pa3pa6oTHMKM, pa6oTaK)LUMe KaK neHTecrepbi, pyKOBOA^T 
npoueccoM OT6opa, a Mbi Mcno/ib3yeM mx onbiT m KBa/iMcjDMKauMK) A-rm 
Toro, HTo6bi cAenaTb 6e3ynpenHbiM Bbi6op. B HeKOTopbix c/iyHaflx 
Bbi6op AB/iaeTCfl caMO co6om pa3yMeiomnMCJR c^aKTOM, ho ecTb m 
Apyrne, 6onee cno>KHbie BapnaHTbi, KOTopbie npocTO cboa^tca k 

/IMHHbIM npeAnOHTeHMjqM. 

HM>Ke npMBeAeHbi HecKO/ibKO ocHOBHbix momchtob, Ha KOTopbie b 
nepByio oneHb o6pamaeTCfl BHMMaHM a bo BpeMA oqeHKM 
npMno>KeHM?i: 

• riO/lb3a OT npM/10>KeHMf1 B KOHTeKCTe TeCTMpOBaHM51 Ha 
npoHMKHOBeHMe; 

• YHMKa/lbHOCTb Ct^yHKUMOHa/lbHOM H3CTM npM/io>KeHMfl; 

• JlMI4eH3Mfl npM/10>KeHM?i; 

• Tpe6oBaTe/ibHOCTb npM/io>KeHMfl. 

noAAep>KaHMe nocTOAHHO o6HOBrmeMoro no/ie3HbiMM MHcrpyMeHTaMM 
A/151 npOBeAGHM51 TeCTMpOBaHMfl Ha npoHMKHOBeHMe pen03MT0pM5q 
AB/ifleTca AOBO/ibHO HenpocToPi 3aAaneM. Mbi npMBeTCTByeM 
npeA/io>KeHMfi no MHCTpyMeHTaM b paMKax BbiAeneHHOM KaTeropMM 
(New Tool Requests) b Kali Bug Tracker 15 . 3anpoc Ha Ao6aB/ieHMe 
HOBoro MHCTpyMeHTa /lynniero Bcero ocbopMJiflTb, KorAa nocneAHMM 
xopomo npeACTaBneH, T.e. MMeeT xopomee onncaHMe, BK/nonafl 
pa3"bflCHeHMfl toto, noneMy AaHHbiM MHCTpyMeHT 9\Br\9\eTC9\ none3HbiM, 


15 http://bugs. kali.org 
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KaK ero mo>kho conocTaBHTb c ApyrMMM noxo>KMMM npM/io>KeHM?iMM m 

t.a. 


1.6 lloABeAeM morn 

B ashhom rnaBe Mbi npeACTaBM/iM BaM Kali Linux, m3/io>km/im HeMHoro 

MHC|30pMai4MM 06 MCTOpMM, npOLU/lMCb nO OCHOBHbIM 0 C 06 eHH 0 CTflM M 

npnBe/iM npMMepbi HexoTopbix c/iynaeB Mcno/ib30BaHMfl. Mbi Taxwe 

o6cyAn/in HeicoTopbie ocHOBHbie npMHUMnbi, KOTopbie Mbi npi/ihm/iu bo 

BpeMa pa 3 pa 6 oTKM Kali Linux. 

T/iaBHoe M3 pa3Ae/ia: 

• Kali Linux 16 flBrmeTCfl no/iHOCTbK) roTOBbiM AMCTpM6yTMBOM 
KOHTpo/ia 6e3onacHOCTM Linux, ocHOBam-ibiM Ha Debian GNU/Linux. 
Kali npeAHa3HaneH A-na npoc^eccMOHa/iOB b ccj^epe 6e3onacHOCTM m 
IT aAMMHMCTpaTOpOB, n03B0/lf15q MM npOBOAMTb npoABMHyToe 
TeCTMpOBaHMe Ha npOHMKHOBeHMe, KpMMMHa/lMCTMHeCKMM aHa/lM3 M 
KOHTpo/ib 6e3onacHOCTM; 

• B OT/lMHMe OT 60 /lbLUMHCTBa OCHOBHbIX OnepaqMOHHblX CMCTeM Kali 
Linux flBrmeTCfl AMHaMMHecKMM AncTpM6yTMBOM. 3 to 03HanaeT, hto 
B bi 6yAeTe nonynaTb o6HOB/ieHMfl Ka>KAbiM AeHb; 

• flMCTpM6yTMB Kali Linux ocHOBaH Ha Debian Testing 17 . I/Imchho 
noaTOMy, 6o/ibLUMHCTBO naxeTOB, AOCTynHbix b Kali Linux 
HaxoA^Tca HanpjRMyio b peno3MTopMM Debian; 

• HecMOTpa Ha to, hto ocHOBHaa 3aAana Kali MO>xeT 6 biTb Bbipa>KeHa 

CneAyKDIAMMM C/lOBaMM "TeCTMpOBaHMe Ha npOHMKHOBeHMe M 
KOHTpo/ib 6e30naCH0CTM", B HeM npMCyTCTByKDT HeKOTOpbie 
MHCTpyMeHTbi, noAxoA^iAMe A-n^ cneAyKDLUMx c/iynaeB 
Mcno/ib30BaHMjq: OTc/ie>KMBaHMe ceTM A-rm cMCTeMHbix 

aAMMHMCTpaTOpOB, KpMMMHa/iMCTMHecKMM aHa/iM3, 6 ecnpoBOAHoe 
OTc/ie>KMBaHMe, ycTaHOBKa BCTpoeHHbix ycTpoPicTB, ycTaHOBKa Ha 
Mo 6 MnbHbie nnaTcjDopMbi m MHoroe Apyroe; 

• MeHio Kali 06 /iernaeT AOCTyn k MHCTpyMeHTaM A-na pa3/iMHHbix 
3aAan m Ae mctbmm, BK/nonafl: aHa/iM3 yfl3BMMOCTM, aHa/iM3 Be6 
npM/io>KeHMM, oueHKa 6a3bi AaHHbix, b3jiom napo/ia, 6ecnpoBOAHbie 


16 https://www. kali.org 
17 https://www.debian.org/releases/testing/ 
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aTaKi/i, o6paTHafl pa3pa6oTKa, MHCTpyMeHTbi BKcn/iyaTauMM, 
sniffing m spoofing, nocT BKcn/iyaTauMOHHbie MHCTpyMeHTbi, 
KpMMMHa/lMCTMHeCKHe MHCTpyMeHTbi, MHCTpyMeHTbi RKK C03flaHMfl 
OTHeTOB, MHCTpyMeHTbi COUMa/lbHOM MH>KeHepMM, M CMCTeMHbie 
c/iy>K6bi; 

• Kali Linux MMeeT MHO>KecTBO Aono/iHMTe/ibHbix cbomctb m 
oco6eHHOCTeM: Mcno/ib30BaHMe b KanecTBe >kmbom (He 

yCTaHOBneHHOM) CMCTeMbl, yCTOMHMBbIM M 6e30naCHblM 
KpMMMHa/lMCTMHeCKMM pe>KMM, n0/lb30BaTe/lbCK0e J^APO Linux, 
cnoco6HOCTb nonHOCTbK) HacTpoMTb cMCTeMy, HaAewHaa m 
6e3onacHaa onepauMOHHaa cMCTeMa, B03M0>KH0CTb ARM 
ycTaHOBKM, 6e3onacHaa ceTeBa n no/iMTMKa no yMO/inaHMio, m 
KypaTopcKMM Ha6op npM/io>KeHMM. 

B c/ieAyromeM maBe, Mbi norpy3MMca m onpo6yeM Kali Linux 

6/iaroAapa ero live pe>KMMy 



Hadb 2: Hana/io pa6oTbi c Kali Linux 

CoaepwaHne: 

2.1 3arpy>KaeM o6pa3 Kali ISO 

2.2 3arpy3Ka o6pa3a Kali ISO b pe>KMMe peanbnoro BpeMei-M 

2.3 llO/]BO/]MM l/ITOri/l 

K/ifoneBbie c/iOBa rnaBbi: 

• CKaHHBam/ie ISO o6pa3 

• >Ki/iBafl 3arpy3Ka 


25 


B OT/ii/NMe ot ApyrHx onepauHOHHbix ci/icreM HanaTb pa6oTaTb c Kali 
Linux HaMHoro npome 6/iaroAapfl TOMy, hto o6pa3 3arpy30HHoro 
AMCKa AB-rmeTca >KMBbiM ISO o6pa30M, hto b cbokd onepeAb 03HanaeT, 
hto BaM He npi/iAeTCfl c/ieAOBaTb HMKaKMM npeABapMTe/ibHbiM 
MHCTpyKUMflM no ycTaHOBKe. 3to 03HanaeT, hto Bbi MOweTe 
ncno/ib30BaTb oahh h tot >xe o6pa3 Ann Tecn/ipoBaHi/m, Ann 
ncnonb30BaHH5R b qe/iAx KpMMMHa/iMCTMnecKOM 3KcnepTM3bi 
3arpy30HHoro o6pa3a USB v\nv\ DVD, m/im A-rm ycraHOBKM b KanecTBe 
nocTOAHHOM onepauMOHHoPi cMcreMbi Ha pea/ibHOM v\nv\ BHpTya/ibHOM 
o6opyAOBaHnn. 

l/l3-3a npocTOTbi b ncno/ib30BaHMM oneHb /lerico 3a6biTb, hto 
H eo6xoAHMO npnAep>KMBaTbCfi onpeAe/ieHHbix Mep 

npeAOCTopo>KHOCTM. no/ib30BaTe/in Kali nacTO craHOBATCfl >KepTBaMM 
/i koagm c He6narnMn HaMepeHMflMM, 6yAb to cnoHci/ipyeMbie 
rocyAapcTBOM rpynnbi, 3/ieMeHTbi opraHM30BaHHOM npecrynHOCTM v\nv\ 
OTAe/ibHbie xaxepbi. OTKpbiTbiPi McxoAHbiPi koa Kali Linux c nerKOCTbK) 
no3BO/ifieT 3/ioyMbiLuneHHHKaM co3AaBaTb m pacnpocrpaHATb 
noAAe/ibHbie Bepc mm, Tax hto oneHb b3>kho, HTo6bi Bbi Bbipa6oTann 
npMBblHKy CKaHMBaHHfl MHC|30pMai4MH C OpMrMHa/lbHblX MCTOHHMKOB M 
BcerAa npoBepa/iM noA-nnHHOCTb h AOCTOBepHOCTb Toro, hto Bbi 
CKana/iM. 3 to oco6eHHO b3>kho A-rm cneuMa/iMCTOB b c<£epe 
6e3onacHOCTM, KOTopbie name Bcero MMeiOT AOCTyn k ya3BHMbiM 
CeTflM, M KOTOpbIM AOBepflKDTCfl ASHHbie K/lMeHTOB. 


2.1 3arpy>KaeM ISO o6pa3 Kali 

2.1.1 r,A,e CKanaTb 

EAMHCTBeHHbiM ocj^HMMa/ibHbiM pecypc, rAe Bbi 6ecnpenflTCTBeHHO 
MO>xeTe CKanaTb ISO o6pa3 Kali Linux, bto pa3Aen 3arpy3KM 
(Downloads) Ha Be6 cauTe Kali. \A 3 - 3 a cBoePi nonyrmpHoern b 
1/lHTepHeTe cymecTByiOT MHoronMcneHHbie caMTbi, KOTopbie 
npeA-naraiOT o6pa3 Kali A-n^ CKanMBaHMA, ho hx He/ib3fl cnMTaTb 
HaAS>KHbiMM, t.k. ohm AeMCTBMTe/ibHO MoryT 6biTb 3apa>xeHbi 
BpeAOHOCHbiMM nporpaMMaMM v\nv\ >xe cMoryT KaKMM-/iM6o MHbiM 
o6pa30M HaHecTM HenonpaBMMbiM ypoH BameM cMCTeMe. 
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A https://www.kati.org/downtoads/ 

flam-ibiM Be6 caPiTflocTyneH nepe3 HTTPS, hto b cbokd onepeAb oneHb 
CM/ibHO 3aTpyAH?ieT ero noAAe/iKy. HeB03M0>KH0 Bbino/iHMTb aTaKy 
«He/iOBeK b cepeAHHe», TaK KaK 3/ioyMbiLu/ieHHMKy Tai<>Ke 
noHaAo6MTca cepTMcjDMKaT www.kali.org, noAnncaHHbm ueHTpoM 
cepTMcjDMKaqMM Transport Layer Security (TLS), KOTopbiPi b cbokd 
onepeAb 3aBepeH 6pay3epoM >KepTBbi. T.k. ueHTpbi cepTMc|DMKai4MM 
cymecTByKDT KaK pa3 ann toto, HTo6bi npeAOTBpamaTb noAo6Horo 
poAa npo6/ieMbi, ohm nocTaB/i^KDT cepTMcjDM KaTbi TO/ibKO TeM /ikda^m, 
HbM /imhhoctm 6bi/iM npoBepeHbi m TeM, kto npeAOCTaBM/i pea/ibHbie 
A0Ka3aTenbCTBa Toro, HTO OHM KOHTpO/IMpyKDT COOTBeTCTByKDLAMM 
Be6caMT. 


cdimage.kali.org 

Ccbi/iKM, HaPiAeHHbie Ha cTpaHMqe 3arpy3KM, yKa3biBaK)T Ha aomch 
cdimage.kati.org, KOTopbiPi nepeHanpaBrmeTca k 6/iM>KaMLueMy k BaM 
3epKa/iy, y/iyniuafl cKopocTb nepeAanM AaHHbix, yMeHbLuafl Harpy3Ky 
Ha ueHTpanbHbie cepBepbi Kali. 

CnMcoK AOCTynHbix 3epKa/i modkho h3mtm 3Aecb: 

A http://cdimage.kati.org/README.mirrortist 


2.1.2 Hto CKaHMBaTb 

OcjDMUMa/ibHaa cTpaHMua 3arpy3KM noKa3biBaeT kopotkmm cnncoK 
o6pa30B ISO, KaK bto modkho yBMASTb Ha pMcyHKe 2.1, "CnncoK 
o6pa30B peKOMeHAyeMbix A-rm 3arpy3KM". 

CKanaMTe o6pa3bi Kali Linux 

Ka>KAbie HecKO/ibKO MecaqeB Mbi co3AaeM HOBbiM o6pa3 Kali Linux, 
KOTopbiPi AOCTyneH A-rm CKanMBaHMA. 3Ta CTpaHMua npeAOCTaBrmeT 
ccbi/iKM A-n^ CKaHMBaHMa nocneAHMX BbinycKOB Kali Linux. HTo6bi 
npOCMOTpeTb MCTOpMKD BbinyCKOB, 03HaK0MbTeCb C HameM CTpaHMUePi 
BbinycKOB Kali Linux, npoiiiy Bac yHMTbiBaTb, hto 3Aecb Bbi MO>KeTe 
h3mtm Heoc|DMi4Ma/ibHbie m HenpoBepeHHbie BbinycKM: 

http://cdimage.kali.org/kali-weekly/. 
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Imag* Nam* 

Download 

Size 

Version 

sha2S6sum 

KaK 64 bit 

ISO 1 Torrent 

2 6G 

2017.1 

49blc5769b909220060dc4c0glla«09d97a270»80d259*05773101df62«ll»9d 

KaK 32 bit 

ISO I Torrent 

2.7G 

2017.1 

SOlb 3747eSac7c 696217392fe49ec21dacee277404500fc49d4a0ee8262Saabe 

KaK *4 bit Licht 

ISO 1 Torrent 

0 9G 

2017.1 

5<0f6300bf9842b724df92cb20*4637445614fc03029cdcb21af3902442a*9b0 

KaK 32 bit Light 

ISO 1 Torrent 

OBG 

2017.1 

6c 83101 ec48702c 7d93d 32562*822b639d5c577314b448e 3b 8330995e0f07e0f 

KaK 64 bit e!7 

ISO 1 Torrent 

2 4G 

2017.1 

a«293c4679438a4417d090a272ccbl3d7619e66d4502374154186cl2891ib99c 

KaK 64 bit KDf 

ISO 1 Torrent 

2.70 

2017.1 

839741 f tc 378114f f068d f 3*C 2db«d9d8*44 m 61 3e690d50b 25c*9cc 1468104b 

KaK 64 bit Mate 

ISO | Torrent 

2 60 

2017.1 

3ea748aa8cS450d804020acdbcaS40398ee90242bb4413cl298Sel86S186ca9e 

KaK 64 bit »(« 

ISO 1 Torrent 

2 5G 

2017.1 

8al7c2454850585760b9d32a22«26d49a284396b4017534a0a9b296a«44c4593 

KaK 64 bit LXDE 

ISO I Torrent 

2.50 

2017.1 

3Seae65aaaabbaB188d4d963e45b7b4d76e0684e7721c7d232cf18320b7cae3b 

KaK armhf 

Image 1 

Torrent 

0 90 

2017.1 

a75199aa8a3d7b64561bc03fcd6*3448b94743c8769««c4aa4b71940447cbb63 

KaK ar mat 

Image | 

Torrent 

0 4G 

2017.1 

180414422196f0797cl«a5f3cl8682bc4b3ced871cb3e874«90de52dd4af877c 


PncyHOK 2.1 CnMcoK o6pa30B, peKOMeHflyeMbix A-rm 3arpy3KM 


Bee o6pa3bi, noMeneHHbie KaK 32- m/im 64-pa3p^AHbie, othocatca k 
o6pa3aM, noAxoA^muM A-rm ueHTpa/ibHbix npoueccopoB (1411), 
KOTOpbie MCnO/lb3yK)T 60 Jlbl±IMHCTB 0 COBpeMeHHbIX nepCOHa/lbHblX 
KOMnbKDTepoB m HoyT6yKOB. Ec/im Bbi cKanMBaeTe o6pa3 A-nfl ero 
nocneAyKDmero ncno/ib30BaHna Ha no/iHOCTbK) coBpeMeHHOM ManiMHe, 
BepojRTHee Bcero, hto BaM noHaAo6MTca BepcMfl A-na 64-pa3pflAHoro 
npoueccopa. Ec/im Bbi Bee eme He yBepeHbi, to Tenepb 6yAbTe 
yBepeHbi, hto Bee 64-pa3pnAHbie npoqeccopbi MoryT 3anycKaTb 32- 
pa3paAHbie Bepci/iH. Bbi BcerAa MO>KeTe 3arpy3MTb m 3anycTMTb 32- 
pa3pjRAHbm o6pa3. 06paTHoe yTBep>KASHne, OAHaico, ocraeTca 
HeBepHbiM. Arm donee AeTa/ibHOM MH(£opMai4MM 03 HaK 0 MbTecb c 
npMBeASHHOM HM>Ke MHCjDOpMaUHeM. 

Ec/im Bbi n/iaHMpyeTe ycTaHOBMTb Kali Ha BCTpaMBaeMoe ycrpoi/icTBO, 
CMapTcj^OH, Chromebook, TOHKy Aocryna, m/im Ha /iK)6oe Apyroe 
ycTpoPicTBO, ocHameHHoe ARM npoueccopoM, Bbi AO/i>KHbi 
Mcno/ib30BaTb o6pa3bi Linux armel m/im armhf. 
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fle/meTCfl Jin mom Un 32- m/im 64-pa3p«flHbiM? 

Pa6oTan b onepaunoHHoPi CMCTeMe Windows, Bbi cMO>KeTe HaPiTM 3Ty 
MHcjDopMaMMK) nyTeM 3anycKa npMno>KeHMfl l/lHcj^opMauMM o CMCTeMe 
(System Information) (HaxoAHTcn b nanKe 06opyflOBaHne > 
CkicTeMHbie MHcrpyMeHTbi). B OKHe «HHc]}opMai4Mfl o cMcreMe» Bbi 
CMO>KeTe yBHAeTb none «Tnn CMCTeMbi», KOTopoe 6yAeT coAepwaTb 
cneAyKDmyK) MHc|x)pMai4MK) TIK Ha 6a3e x64 " A-nn 64- pa3pnAHoro Ufl 
v\nv\ "nK Ha 6a3e x86 " A-nn 32-pa3pnAHoro 1411. 

B cMCTeMax OS X/macOS, HeT CTaHAapTHoro npnno>KeHkm, KOTopoe 
OTo6pa>Kano 6bi 3Ty MHc(3opMaunK), ho Bbi Bee eme MO>KeTe nonynMTb 
ee Ha BbiBOAe KOMaHAbi uname -m bbcashhom b TepMHHane. Ha 
BbiBOAe Bbi yBMAHTe x86_64 A-nn CMCTeMbi c 64-pa3pnAHbiM aaPOm 
(KOTopan MO>KeT pa6oTaTb TonbKO Ha 64-pa3pHAHOM 1411), a A-nn 
CMCTeM c 32-pa3pnAHbiM aapom, Bbi yBMAHTe i386 v\r\v\ hto-to noxo>Kee 
(i486, i586, v\nv\ i686). /lio6oe 32-6MTHoe nApo MO>KeT pa6oTaTb Ha 
64-6mthom npoqeccope, ho nocKonbKy Apple ynpaBnneT 
o6opyAOBaHMeM m nporpaMMHbiM o6ecneneHMeM, to bp^a /im Bbi 
CTonKHeTecb c noAo6HOM KOHcjDMrypaMMei/i. 

B CMCTeMe Linux, Bbi MO>KeTe npoBepMTb AaHHbie b BMpTyanbHOM 
cjDaMne /proc/cpuinfo. Ectim oh coasp>kmt aTpn6yT Im, to TorAa Bam 
Un nBnneTcn 64-pa3pnAHbiM; b npoTMBHOM cnynae, oh 32- 
pa3pnAHbiM. CneAyKDman KOMaHAHan CTpoKa npeAOCTaBMT BaM 
MHcjDopMauMK) o tom, CKonbKO pa3pnAHbiM npoueccop Bbi 
Mcnonb3yeTe: 


$ grep -qP "'flags\s*:.*\bln\b' /proc/cpuinfo && echo 64-bit 
** || echo 32-bit 

64-bit 


Tenepb, KorAa Bbi 3HaeTe iokom mmchho 32-pa3pnAHbiM v\nv\ 64- 
pa3pnAHbiM o6pa3 BaM HyweH, ocranocb npoAenaTb Bcero oahh mar: 
Bbi6paTb TMn o6pa3a. 06a o6pa3a no yMonnaHMio A-nn Kali Linux m A-nn 
Kali Linux Light nBnmoTcn >KMBbiMM ISO, KOTopbie MoryT 6biTb 
Mcnonb30BaHbi KaK A-nn 3anycKa >kmbom CMCTeMbi, TaK m A-nn crapTa 
npouecca ycTaHOBKM. Ohm OTnMHaiOTcn TonbKO nMiiib Ha6opoM 
npeAeapMTenbHO ycTaHOBneHHbix npMno>KeHMM. 06pa3 no yMonnaHMio 
mast c pa6oHMM CTonoM GNOME m orpoMHbiM Ha6opoM naKeTOB, 
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KOTopbie Aon>KHbi noAOMTM npaxTMnecxM Ann Bcex neHTecrepoB, b to 
BpeMa KaK o6pa3 light magt c pa6oHMM cto/iom Xfce, (xoTopbii/i, 
6e3yc/iOBHO, nsnnejcn MeHee Tpe6oBaTe/ibHbiM k cMcreMe), m MMeeT 
orpaHMHeHHbiM Ha6op naxeTOB, no3Bormx)LUMM To/ibxo Jirnub 
Bbi6npaTb Heo6xoAHMbie BaM npM.no>xeHMfl. Ocra/ibHbie o6pa3bi 
ncno/ib3yK)T a/ibTepHaTHBHbie cpeAbi pa6onero cmna, ho Tai<>Ke v\f\yi 
c tom >xe 6o/ibLuoM KO/1/ieKuneM naxeTOB, hto m ochobhom o6pa3. 

Kax TonbKO Bbi onpeAe/iMTecb c TeM, xaxoi/i o6pa3 BaM Hy>xeH, Bbi 
CMO>xeTe cxanaTb ero, Ha>xaB Ha "ISO" b cooTBeTCTByiomeM crpoxe. B 
xanecTBe a/ibTepHaTMBbi, Bbi cMO>KeTe cxanaTb o6pa3 M3 
OAHopaHroBoPi ceTM BitTorrent, Ha>xaB Ha "Torrent," b c/iynae ec/iM y 
Bac ecTb K/ineHT BitTorrent, xoTopbiM npeAHa3HaneH A-rm pa6oTbi c 
pacLUMpeHMeM .torrent. 

rioxa Bbi6paHHbm BaM m o6pa3 ISO 3arpy>xaeTCfl, Bbi AO/i>KHbi npi/iHATb 
k cBeASHMK) KOHTpo/ibHyio cyMMy, Ham/icaHHyio b cmn6i4e 
sha256sum. Iloc/ie toto, xax Bbi 3arpy3M/in Bam o6pa3, ncno/ib3yMTe 
3Ty KOHTpo/ibHyio cyMMy, HTo6bi y6eAMTbca, hto 3arpy>xeHHoe 
M3o6pa>KeHMe cooTBeTCTByeT TOMy, KOTopyio KOMaHAa pa3pa6oTHMKOB 
Kali pa3MecTM/ia b MHTepHeTe (cm. CneAyKDLUMM pa3Ae/i). 


2.1.3 ripoBepKa u^aocthoctm m ncwiMHHOCTM 

npo<t>eccMOHa/ibi b cc|3epe 6e3onacHOCTM AO/i>KHbi npoBep^Tb 
nOA/lMHHOCTb CBOMX MHCTpyMeHTOB He TO/lbKO A-™ 3aiAMTbl CBOMX 
AaHHbix, ho m Ann coxpaHeHi/m 6e3onacHOCTM AaHHbix x/iMeHTOB. Xojn 
CTpaHMua 3arpy3KM Kali MMeeT TLS 3ai±iMTy, ctoaKTMHecxaa ccbmxa Ha 
cxaHMBaHMe yxa3biBaeT Ha He3aLUM(f)poBaHHbiM URL-aApec, KOTopbiM 
He 3amMmaeT ot B03M0>KHbix aTax TMna «He/iOBeK-B-cepeAMHe». Tot 
dpaKT , hto Kali nonaraeTca Ha ceTb BHemHMx 3epKan A-rm 
pacnpocTpaHeHMfi o6pa3a, He 03HanaeT, hto Bbi AO/i>KHbi cneno 
AOBepflTb TOMy, hto Bbi 3arpy>xaeTe. 3epxa.no, Ha xoTopoe Bbi 6bmM 
HanpaB/ieHbi, bo3mo>kho, 6bmo B3/i0MaH0 m/im >xe KOHxpeTHO Bbi 
AB/iaeTecb >xepTBOM aTaxM. 

f\nn Toro HTo6bi 06/ierHMTb 3tot npouecc Kali BcerAa npeAOcraBrmeT 
KOHTpo/ibHyio cyMMy pacnpocTpaHfieMbix o6pa30B. Ho A-rm toto, 
HT06bl CAe/iaTb npOBepxy 3CjDC(3eKTMBHOM, Bbi AO/l>KHbl 6blTb yBepeHHbl, 
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hto KOHTponbHaa cyMMa, no/iyneHHafl BaM m, AB/iaeTCfl tom >Ke caMoPi, 
hto m KOHTpo/ibHaa cyMMa, ony6nnKOBaHHaa pa3pa6oTHMKaMM Kali 
Linux. EcTb HecKO/ibKO cnoco6oB BbmcHMTb bto. 

no/iaraeMcn Ha TLS-3aiijMiiieHHbie ee6ca^Tbi 

Korfla Bbi M3BneKaeTe KOHTpo/ibHyK) cyMMy c TLS 3ammneHHoPi 
CTpaHMUbi 3arpy3KM, ee mctohhmk tohho rapaHTi/ipyeTCA 
cepTncf)MKaTOM 3amnTbi MOAe/in X.509: coAepwaHMe, KOTopoe Bbi 
BMAMTe, MAST C Be6 CaMTa, KOTOpblPi HaXOAMTCfl nOA KOHTpO/ieM 
/1MHHOCTM, 3anpOCMBIlieM TLS CepTMCf)MKaT. 

Tenepb Bbi AO/i>KHbi creHepMpoBaTb KOHTpo/ibHyK) cyMMy Bamero 
3arpy>xeHHoro o6pa3a m y6eAMTbCfl b tom, hto OHa no/iHOCTbio 
cooTBeTCTByeT TOMy, hto HanMcaHO Ha caPiTe Kali: 


$ sha256sum kali-linux-2017.l-amd64.iso 

49blc5769b9e9220060dc4c0ellae09d97a270a80d259ee5773101df62elle9d kali-linux-2016.2-amd64.iso 


Ec/im Bbi creHepMpoBa^M KOHTpo/ibHyK) cyMMy, KOTopaa no/iHOCTbio 
cooTBeTCTByeT ToPi, hto HaxoAMTCjq Ha cTpaHMue 3arpy3KM Kali Linux, 
to Bbi cicana/iM Hy>KHbiPi c^aPi/i. Ec/im KOHTpo/ibHaa cyMMa OT/iMnaeTca, 
to 3to AB/ifleTca npo6/ieMoPi, xota 3to He 03HanaeT b3/iom m/im aTaKy; 
3arpy3KM mhotas noABepraiOTca M3MeHeHMAM m no/iynaiOT 
noBpe>KA6HM}i, no Mepe toto KaK ohm nepeMemaiOTCfl b 1/lHTepHeTe. 
l1onpo6yPiTe noBTopMTb cbokd 3arpy3Ky cHOBa, ho ywe c Apyroro 
ocJ^MUMa/ibHoro 3epKa/ia Kali, ec/iM kohchho bto nBnnejcn B03M0>KHbiM 
(cMOTpMTe "cdimage.kali.org" A-rm no/iyneHMA 6o/ibiuePi MHcjDopMauMM 
o AOCTynHbix 3epKa/iax). 

nosiaraeMca Ha PGP Web of Trust 

Ec/im Bbi He AOBep^eTe Mcno/ib30BaHMK) HTTPS A-rm ayTeHTMcf)MKauMM, 
to Bbi b KaicoPi-TO Mepe AB/iaeTecb napaHOMKOM, ho bto Bno/iHe 
cnpaBeA/iMBO. CymecTByeT orpoMHoe KO/iMnecTBO npMMepoB cKBepHO 
ynpaB/iaeMbix ueHTpoB cepTMcf)MKauMM, KOTopbie BbiAaBa/iM 
noAAe/ibHbie cepTMc^MicaTbi, hto b cbokd onepeAb He oneHb xopomo 
3aKaHHMBa/iocb. Bbi Taioxe MO>xeTe 0Ka3aTbCfl wepTBoPi «Apyx<ecKoPi» 
aTaKM ne/iOBeKa-no-cepeAMHe, KOTopaa pea/iM3yeTca bo mhotmx 
KopnopaTMBHbix ceTJix, Mcno/ib3yji cneuMa/iM3MpoBaHHoe, 
AOBepeHHoe BCTpoeHHoe b 6pay3ep xpaHM/iMme, KOTopoe 
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npeflCTaB/iaeT noAfle/ibHbie cepTnc|Di/iKaTbi unn 3ai±inc|DpoBaHHbix Be6- 
caPiTOB, no3BO/u^i KopnopaTUBHbiM ayAMTopaM OTc/ie>KHBaTb 
3aLUMCt)pOBaHHblM TpacjDMK. 

Ann noAo6Hbix c/iynaeB Mbi TaK>Ke npeAOCTaB/ifleM GnuPG k/ikdh, 
KOTopbM Mbi ncno/ib3yeM f\nn Toro, HTo6bi noAnucaTb KOHTpo/ibHyK) 
cyMMy o6pa3a, npeAOCTaB/ieHHoro HaMn. l/lASHTi/icf)HKaTopbi K/iKDna n 
ero OT/iMHMTe/ibHbie nepTbi noKa3aHbi Hn>Ke: 

pub rsa4096/0xED444FF07D8DGBF6 2012-03-05 [SC] [expires: 2018-02-02] 

Key fingerprint = 44C6 513A 8E4F B3D3 0875 F758 ED44 4FF0 7D8D 0BF6 

uid [ full ] Kali Linux Repository <devel@kali.org> 

sub rsa4096/0xA8373E18FC0D0DCB 2012-03-05 [E] [expires: 2018-02-02] 

3tot k/ikdh flBrmeTCfl nacTbKD rno6a/ibHOM ceTM AOBepMfl, noTOMy hto 
oh 6bm noAnncaH KaK MMHHMyM mhom (PacjDaa/ieM XepuoroM), a n 
flB/iflKDCb nacTbK) 3 tom ceTi/i AOBepi/m 6/iaroAapa MoeMy HHTeHCMBHOMy 
ncnonb30BaHMK) GnuPG b KanecTBe pa3pa6oTHMKa Debian. 

MoAenb 6e3onacHOCTi/i PGP/GPG AB/iaeTCfl AOBO/ibHO TaKM 
yHHKa/ibHoPi. /1k)6oh MO>KeT creHepupoBaTb KaKoPi-/iM6o k/ikdh c 
/ 1 KD 60 M HASHTHHHOCTbK), HO Bbl CMODKeTe AOBepflTb 3T0My K/IKDHy 
TO/ibKO b tom c/iynae, ec/ 11/1 oh y>Ke 6bm noAnncaH Apyri/iM k/ikdhom, 
KOTopoMy Bbi tohho AOBepaeTe. KorAa Bbi noAnncbiBaeTe k/ikdh, Bbi 
noATBep>KAaeTe, hto Bbi BCTpena/iM B/iaAe/ibua k/ikdh3 h 3HaeTe, hto 
cooTBeTCTByKDmaa HAeHTHctDMKauHJi BepHa. I/I Bbi onpeAe/iaeTe 
HCXOAHblPi Ha6op K/IKDHePi, KOTOpbIM Bbl AOBepfleTe, HTO, OHeBMAHO, 
BK/iKDHaeT b ce6a Bam co6cTBeHHbiPi k/ikdh. 

3Ta MOAe/ib MMeeT cboh orpaHi/ineHMA, noaTOMy Bbi MO>KeTe Bbi6paTb 
3arpy3HTb ny6/iMHHbiPi k/ikdh Kali nepe3 HTTPS (m/ih c cepBepa 
K/iKDnePi) m npocTO peniHTb, hto Bbi AOBepaeTe eMy, t.k. oh coBnaAaeT 
C APyrHM, KOTOpbIM Mbi ny6/lMKOBa/lM BO MHOTHX MeCTaX, B k/ikdh a 51 M 
npMMep, yKa3aHHbiPi Bbime, b btom KHi/ire. 
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$ wget -q -0 - https://wvM.kali.org/archive-key.asc | gpg --import 

[ or ] 

$ gpg --keyserver hkp://keys.gnupg.net --recv-key ED444FF07D8DOBF6 

gpg: key 0xED444FF07D8D0BF6: public key "Kali Linux Repository <devel@kali.org>" imported 

gpg: Total number processed: 1 

gpg: imported: 1 (RSA: 1) 

[...] 

$ gpg --fingerprint 7D8D0BF6 

[...] 

Key fingerprint = 44C6 513A 8E4F B3D3 0875 F758 E044 4FF0 7D8D 0BF6 

[...] 


rioc/ie Toro, KaK Bbi n3B/ieHeTe k/ikdh, Bbi MOweTe ncno/ib30BaTb ero 
Arm npoBepKn KOHTpo/ibHoPi cyMMbi npeA-naraeMbix o6pa30B. flaBaPiTe 
CKanaeM cj^aPm c KOHTpo/ibHoPi cyMMoPi (SHA256SUMS) n CBfl3am-ibiM 
ct)aPi/iOM noAnMCM (SHA256SUMS.gpg) m 3aTeM npoBepMM noAnucb: 


$ wget http://cdimage.kali.org/current/SHA256SUMS 

$ wget http://cdimage.kali.org/current/SHA256SUMS.gpg 

[...] 

$ gpg --verify SHA256SUMS.gpg SHA256SUMS 

gpg: Signature made Thu 16 Mar 2017 08:55:45 AM MDT 

gpg: using RSA key ED444FF07D8D0BF6 

gpg: Good signature from "Kali Linux Repository <devel@kali.org>" 


Ec/im Bbi no/iyHHTe coo6meHne, noAo6Hoe TOMy, hto Bbi BHAe/ 11/1 Bbime 
"Good signature", to Bbi MO>KeTe cMe/io AOBep^Tb coAepwnMOMy 
cJoaPi/ia SHA256SUMS n ncnonb30BaTb ero Ann npoBepici/i Tex <£aPi.noB, 
hto Bbi cKana/in. B npoTUBHOM c/iynae B03Hm<aeT npo6neMa. BaM 
c/ieAyeT npoBepi/iTb, dcana/in nv\ Bbi c^aPin c 3aKOHHoro 
(ocJ^nuna/ibHoro) 3epKa/ia Kali Linux. 

06paTHTe BHMMaHHe, hto Bbi MO>KeTe i/icno/ib30BaTb c/ieAyKimyK) 
KOMaHAHyK) CTpoKy Arm toto, HTo6bi npoBepMTb i/iMeeT/in cKanaHHbiPi 
cJoaPi/i TaKyio >xe KOHTpo/ibHyK) cyMMy, KOTopaa yKa3aHa b 
SHA256SUMS, npi/i ycnoBni/i, hto 3arpy>KeHHbiPi ISO-cjDaPin HaxoAHTcm 
b tom we KaTa/iore: 


$ grep kali-linux-2017.l-amd64.iso SHA256SUMS | sha256sum -c 

kali-linux-2017.l-amd64.iso: OK 
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Ec/in b KanecTBe OTBeTa Bbi He no/iynn/in OK, Torfla c^an/i, KOTopbm 
Bbl CKana/lM, AB/lfleTCfl OT/lHHHblM OTTOTO, KOTOpbIM 6b 1/1 OCf)m4Ha/lbHO 
BbinymeH KOMaHAon Kali. OTOMy cranny He/ib3?i AOBep^Tb n ero He 

CTOHT MCn0/lb30BaTb. 

2.1.4 KonkipoBaHMe M3o6pa>KeHMfl Ha DVD-ROM v\nv\ USB 
Hocme/ib 


CaM no ce6e ISO o6pa3 nMeeT AOBO/ibHO orpaHnneHHoe npnMeHeHne, 
ec/in Bbi KOHenHO He xoTMTe ncnonb30BaTb Kali Linux TO/ibKO /inuib Ha 
Bi/ipTya/ibHoPi ManiMHe. B npoTMBHOM c/iynae, BaM Hy>KHO co3AaTb 
3arpy30HHbiM rv \ c k h/ih >Ke 3arpy30HHbin USB HaKonnTe/ib A-rm Toro, 
HTo6bi 3anycTMTb Bamy Mawi/my c Kali Linux. 

3Aecb Mbi He 6yAeM paccKa3biBaTb o tom, xax co3AaTb 3arpy30HHbin 
AHCK, T.K. 3T0T npOUeCC OHeHb CH/lbHO pa3HHTCfl B 3aBHCHMOCTH OT 
onepauMOHHOM cucreMbi, nnaTcjDopMbi n/in cpeAbi, ho b 6o/ibLunHCTBe 
c/iynaeB, npaBbin mejiHOK MbiuiKi/i Ha cj^an/ie .iso Bbi30BeT 
KOHTeKCTHoe MeHK), KOTopoe Bbino/iHHT npn/io>KeHMe npo>Knra DVD- 
ROM. flaBanTe nonpo6yeMl 

2.2 3arpy3Ka ISO o6pa3a Kali b pena/in/ie pea/ibHoro 
Bpe/v\eHM 

2.2.1 Ha peaAbHOM KO/vinbKrrepe 

BaM noHaAo6i/iTc?i /in6o npeABapnTe/ibHO noAroTOB/ieHHbin USB 
HaKonnTe/ib (icaic bto CAe/iaTb 6bmo AeTa/ibHO n3/io>KeHO b 
npeAbiAymeM pa3Aene) n/in 3arpy30HHbiPi auck c o6pa30M ISO Kali 
Linux. 

IOS/UEFI OTBenaeT 3a paHHnn npoqecc 3arpy3Kn i/i MOweT 6biTb 
HacTpoeH nepe3 nacTb nporpaMMHoro o6ecneHeHi/m noA Ha3BaHneM 
«HacTpoPiKa» (Setup). B Hacm-iocm, oh no3BormeT no.nb30BaTe.rmM 
Bbi6npaTb, Kaxoe 3arpy30HHoe ycrponcTBO AB/meTca 
npeAnoHTHTe/ibHbiM. B btom c/iynae Bbi xoTi/ue Bbi6paTb /in6o npnBOA 
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DVD-ROM, um6o USB-HaiconMTeub, b 33bmcmmoctm ot toto, KaKoe 
yCTpOMCTBO Bbl C03Aa/lM. 

3anycK nporpaMMbi ycraHOBKM o6bNHO BKUKDnaeT b ce6u oneHb 
6bicTpoe Ha>KaTne onpeAeueHHOM ku a b m lu m noc/ie BKUKDneHMu 
KOMnbKDTepa. Maine Bcero 3Ta KuaBMima uBuueTcu Del mum Esc, a 
MHorAa F2 mum F10. B 6oubiiiMHCTBe cuynaeB 3Ta KuaBMLua 
MOMeHTaubHO OTo6pa>KaeTcu Ha aicpaHe, KorAa KOMnbiOTep 
BKUfOHaeTcu, npe>KAe neM 3arpy3MTcu onepauMOHHau cMcreMa. 

KaK TOUbKO BIOS/UEFI npaBMUbHO HacrpoeH A-rm 3arpy3KM c Bamero 
ycTpoMCTBa, 3arpy3Ky Kali Linux mo>kho npoAOu>KMTb 6e3 oco6bix 
npo6ueM, npocTO BCTaBbTe 3arpy30HHbiM amck mum Bam USB 
HaiconMTeub m 3anycTMTe KOMnbKrrep. 


OtkjiiohMT e 6e3onacHyio 3arpy3Ky 

Xotu o6pa3bi Kali Linux MoryT 6biTb 3arpy>KeHbi b pe>KMMe UEFI, ohm 
H e noAAep>KMBaK)T pe>KMM 6e3onacHOM 3arpy3KM. Bbi AOu>KHbi 
3a6uoKMpoBaTb 3 to cBOMCTBa b «HacrpoMKax» (Setup). 


2.2.2 Ha BMpiyaubHOM MamMHe 

BupTyaubHbie MamMHbi MMeiOT MHOwecTBO npeMMymecTB Ann 
noub30BaTeueM Kali Linux. Ohm oco6eHHO noue3Hbi Ann Tex 
noub30BaTeueM, KOTopbie xotut onpo6oBaTb Kali Linux, ho He roTOBbi 
ycTaHOBMTb ee Ha cbokd MamMHy mum >Ke A-rm Tex, y koto ecTb 
AOBOUbHO MOLUHaU CMCTeMa M OHM XOTUT MCn0Ub30BaTb HeCKOUbKO 
OnepaqMOHHblX CMCTeM OAHOBpeMeHHO. 3T0 AOBOUbHO-TaKM 
pacnpocTpaHeHHbiM Bbi6op cpeAM mhotmx neHTecTepoB m 
npoc^eccMOHauoB b cc^epe 6e3onacHOCTM, KOTopbiM Hy>KeH AOCTyn k 
mMpoKOMy cneKTpy MHCTpyMeHTOB, npeAOcraBuueMbix Kali Linux, ho 
TaK>Ke mm no-npe>KHeMy Heo6xoAMMO MMeTb nouHbiM AOCTyn k mx 
nepBMHHOM onepauMOHHOM cMCTeMe. 3to TaK>Ke no3BOuueT mm 
apxMBMpoBaTb m 6e3onacHO yAauuTb BMpTyaubHyK) MamMHy m uK)6bie 
AaHHbie KUMeHTa, KOTopbie OHa MO>KeT coAepwaTb, 6e3 
Heo6xoAMMOCTM nouHOM nepeycTaHOBKM mx onepauMOHHOM cMCTeMbi. 
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OyHKUHM MOMeHTa/ibHoro cHMMKa Ann BnpTya/iM3aunn Tai<>Ke 
no3BO/i?iK)T zierKO 3KcnepnMeHTnpoBaTb c noTeHunanbHO onacHbiMM 
onepauMAMM, tokmmm KaK aHa/ 11/13 BpeAOHOCHbix nporpaMM, no3BO/iflfl 
nerico BbiPiTM, 3anycTMB pe>KHM BOccTaHOB/ieHMA npeAbiAymero 
MOMeHTa/ibHoro chmmio. 

CymecTByeT MHO>KecTBO MHcrpyMeHTOB Ann Bi/ipTya/in 3 a 141/1 h 
AOCT ynHbix 6onbiiiMHCTBy onepaunoHHbix ci/icreM, Bic-monaa 
VirtualBox®, VMware Workstation ®, Xen, KVM, n Hyper-V, m bto 
jimub HeMHorne H 3 hmx. B kohchhom cneTe, Bbi Bee paBHO 6yAeTe 
ncnonb 30 BaTb oahh m3 hmx, KOTopbiPi MAeanbHO cooTBeTCTByeT BaniMM 
3 aAanaM, ho 3 Aecb Mbi paccMOTpMM ABa caMbix Macro Mcno/ib 3 yeMbix 
MHCTpyMeHTa b KOHTeKCTe pa6onero cmna: VirtualBox® m VMware 
Workstation Pro®, 3anymeHHbiM Ha Windows 10 . Ec/im Bbi He 
OrpaHMHeHbl KOpnOpaTMBHOM nO/lMTMKOM M/1M KaKMMM-nM60 /IMHHblMM 
npeAnoHTeHMjqMM, Mbi peKOMeHAyeM BaM cHana/ia Mcno/ib 30 BaTb 
VirtualBox, t.k. OHa AB/iaeTCfl 6ecn/iaTHOM, ot/imhho pa6oTaeT (b 
6onbiiiMHCTBe c/iynaeB), MMeeT OTKpbiTbiM McxoAHbiPi koa m AB/iaeTCfl 
AOCTynHOM Ann 6o/ibiiiMHCTBa onepauMOHHbix cMCTeM. 

B c/ieAyK)meM pa3Ae/ie Mbi npeAno/io>KMM, hto y>Ke ycTaHOBM/iM 
COOTBeTCTByKDLUHM MHCTpyMeHT BMpTya/lM33UMM M 03HaK0MM/lMCb CO 
BceMM ocHOBHbiMM onepauMAMM, Heo6xoAHMbiMM Ann pa6oTbi. 

npeflBapMTe/ibHbie 3aMe«HaHkm 

HTo6bi no/iHOCTbK) BOcnonb30BaTbCjq npeMMymecTBaMM 

BMpTyanM3auMM, y Bac AO/i>KeH 6biTb npoueccop c cooTBeTCTByiOLUMMM 

CjDyHKUMjqMM BMpTya/lM 3 ai 4 MM, M OHM He AO/l>KHbl 6blTb OTK/IKDHeHbl B 

BIOS/UEFI. flBOMHajR npoBepKa Ann Bcex "Intel® Virtualization 
Technology" m/m/im "Intel® VT-d Feature" onuMM b MeHK) 
«HacTpoMKM» (Setup). 


y Bac TaK>xe AO/i>KHa 6biTb 64-pa3pflAHaa onepauMOHHaa cMcreMa, 
BpoAe amd64 apxMTeKTypbi Ann AncrpM6yTMBOB Linux Ha ocHOBe 
Debian, apxMTeKTypbi x86_64 Ann Linux Ha ocHOBe RedHat m Ann 
Windows... 64-pa3pflAHaa cMCTeMa Ann Windows. 

Ec/im y Bac He xBaTaeT nero-TO M3 Heo6xoAHMbix Tpe6oBaHMM Ann 
KoppeKTHoPi pa6oTbi, to MHCTpyMeHT BMpTya/iM3ai4MM /im6o He 6yAeT 
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pa6oTaTb ao/DKHbiM o6pa30M, /im6o oh 6yAeT orpaHi/ineH 3anycKOM 32- 
pa3paAHOM rocTeBoPi onepauMOHHOM ci/icTeMbi. 

BBMAy Toro, HTO MHCTpyMeHTbl BHpTya/lM3ai4MM nOAK/IKDHaKDTCfl K 
OCHOBHOM OnepaUHOHHOM CMCTeMe Ha HM3KOM ypOBHe, TO y Bac 
nOCTOflHHO 6yAyT B03HHKaTb HeCOBMeCTMMOCTM Me>KAy HMMM. He CTOHT 
o>KMA9Tb Toro, hto 3TM MHCTpyMeHTbi 6yAyT OAHOBpeMeHHO pa6oTaTb 
AOJl>KHblM 06pa30M. KpOMe TOTO, MMeMTe BBHAy, HTO 
npoc^eccMOHa/ibHbie Bepcm/i Windows MAyT cpa3y co BCTpoeHHbiM 1/1 
pa6oTaK)LUHM Hyper-V, KOTopbm b /ik>6om c/iynae 6yAeT 

KOHC)D/lMKTOBaTb C TeM MHCTpyMeHTOM BHpTya/lM3ai4HM, KOTOpblM Bbl 
Bbi6pa/in. 

HT 06 bl OTK/lKDHMTb erO, BbinO/lHMTe «BK/lK)HMTb l/l/ll/l OTK/IKDHMTb 
c^yHKUMM Windows» b HacrpoPiKax Windows. 


VirtualBox 

lloc/ie nepBOHana/ibHOM ycraHOBKi/i, rnaBHbiPi aicpaH VirtualBox 6yAeT 
BbirrmAeTb TaK, KaK noKa3aHO Ha pi/icyHKe 2.6, "Hana/ibHbiPi 3KpaH 
Virtual-Box" 
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9 Oracle VM V 

File Machine 


Help 


New Settings Discard Start, 


Details Li Snapshot* 


Welcome to VirtualBox! 


The left part of this window is a list of all virtual machines on your computer. The list is empty now 
because you haven't created any virtual machines yet. 

In order to create a new virtual machine, press the New button in the 
mam tool bar located at the top of the window. 

You can press the FI key to get instant help, or visit 
www.virtualbox.org for the latest information and news. 



F i gu re 2.6 VirtualBox s Start Screen 

Ha>KMHTe Ha New (Pi/icyHOK 2.7, "Ha3BaHi/ie m onepaui/iOHHaa 
CMCTeMa") HTo6bi 3anycTMTb Macrep, KOTopbiPi npoBeAeT Bac nepe3 
HecKO/ibKO LuaroB, Heo6xoAHMbix Ana bboas Bcex Heo6xoAHMbix 
napaMeTpoB A-na 3anycKa hobom Bi/ipTyanbHOM ManiMHbi. 
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? X 


Create Virtual Machine 


Name and operating system 


Please choose a descriptive name for the new virtual machine 
and select the type of operating system you intend to install 
on it. The name you choose will be used throughout VirtualBox 
to identify this machine. 


Name: 

Type: 

Version: 


Kali Linux 


Linux 

Debian (64-bit) 


- SB 




Expert Mode 


Next 


Cancel 


PMcyHOK 2.7 Ha3BaHwe w onepauMOHHaz 
CMcreMa 


Ha nepBOM mare, noi<a3aHHOM Ha Pi/icyHKe 2.7, "Ha3BaHne m 
onepaqMOHHafl cucTeMa", Bbi Aon>KHbi Ha3Hani/iTb mmjr A-rm CBoePi 
hobom BkipTya/ibHOM MamMHbi. Hcno/ib3yMTe "Kali Linux." Bbi TaK>Ke 
AOTDKHbl 0603HaHMTb, K3KyK) MMeHHO OnepaUMOHHyK) CMCTeMy Bbi 
xoTMTe ncnonb30BaTb. T.k. Kali Linux ocHOBaH Ha Debian GNU/Linux, 
Bbi6epeTe Tun ci/icreM Linux 1/1 Bepcmo Debian (32-pa3p?iAHafl) m/im 
Debian (64- pa3pflAHaa). Xota n\o6at\ Apyra n Bepci/m Linux, cicopee 
Bcero, 6yAeT pa6oTaTb, bto noMO>KeT OT/iMHaTb pa3/iMHHbie 
BkipTya/ibHbie Mawi/iHbi, KOTopbie Bbi, bo3mo>kho, 6yAeTe 
ycTaHaB/iMBaTb. 
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? X 


Create Virtual Machine 


Memory size 


Select the amount of memory (RAM) in megabytes to be 
allocated to the virtual machine. 

The recommended memory size is 768 MB. 



4 MB 4096 MB 


Next 


Cancel 


Figure 2.8 Memory Size 

Ha btopom 3Tane Bbi AO/i>KHbi peiiiMTb, cKO/ibKO naMATM 6yAeT 
BbiAeneHO BMpTya/ibHOM MaLumne. Xota peKOMeHAyeMbm pa3Mep 768 
MB 9\Br\9\eTC9\ npi/ieM/ieMbiM A-rm BMpTya/ibHOM MauiMHbi Debian, 
BbicTynaiomeM b po/iM cepBepa, 3Toro onpeAenem-io 6yAeT 
HeAOCTaTOHHO A-na 3anycKa HacmnbHOM CMCTeMbi Kali, oco6eHHO A-rm 
>kmbom CMCTeMbi Kali Linux, nocKO/ibKy >KMBaa cMCTeMa Mcno/ib3yeT 
naMj^Tb unn xpaHeHMfl M3MeHeHMM, KOTopbie 6bi/iM BHeceHbi b 
cJoaM/iOByK) cMCTeMy. Mbi peKOMeHAyeM yBe/iMHMTb 3HaneHMe ao 1500 
MB (pMcyHOK 2.8, «Pa3Mep naM3TM» [cTp. 28]) m HacTOflTenbHO 
peKOMeHAyeM BbiAe/iMTb He MeHee 2048 MB 03Y. 
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? X 


Create Virtual Machine 


Hard disk 


If you wish you can add a virtual hard disk to the new 
machine. You can either create a new hard disk file or select 
one from the list or from another location using the folder icon. 

If you need a more complex storage set-up you can skip this 
step and make the changes to the machine settings once the 
machine is created. 

The recommended size of the hard disk is 8.00 GB. 

O Do not add a virtual hard disk 
(§) Create a virtual hard disk now 
O Use an existing virtual hard disk file 

Empty w [y 


Create 


Cancel 


PliCyHOK 2.9 XeCTKMM /JMCK 


Ha TpeTbeM mare (cm. Pmc. 2.9, «>KecTKm/i ahck») BaM npeA/iaraeTCfl 
Bbl6paTb C(DM3MHeCKMM M/IM BMpTya/lbHblM >KeCTKMM AUCK HOBOM 

BkipTya/ibHoPi Mawi/iHbi. Xot n >KecTKm/i auck He Tpe6yeTca Arm 3anycKa 
Kali Linux b KanecTBe >kmbom ci/icreMbi, Ao6aBbTe ero, Arm npoqeAypbi 
ycraHOBKH, KOTopyK) Mbi npoAGMOHCTpnpyeM no3>Ke, b rnaBe 4 
«YcTaHOBKa Kali Linux». 
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? X 


Create Virtual Hard Disk 

Hard disk file type 

Please choose the type of file that you would like to use for the new virtual 
hard disk. If you do not need to use it with other virtualization software you 
can leave this setting unchanged. 

(•) VDI (VirtualBox Disk Image) 

O VMDK (Virtual Machine Disk) 

O VHD (Virtual Hard Disk) 

O HDD (Parallels Hard Disk) 

O QED (QEMU enhanced disk) 

O QCOW (QEMU Copy-On-Write) 


Expert Mode 


Next 


Cancel 


PucyHOK 2.10 Ti/in (pati/ia >KecTKoro /jMcica 


CoAepwi/iMoe wecTKoro A^cica BnpTya/ibHon Mawi/iHbi xpaHMTca Ha 
rnaBHoPi ManiHHe b Bi/iAe c^an/ia. VirtuBox cnoco6eH xpaHnTb 
coAep>KMMoe >KecTKoro A^CKa b HecKO/ibKi/ix cfjopMaTax (cm. Pmc. 2.10, 
«Ti/m cf>aM/ia >KecTKoro AncKa» [cTp. 30]): 3HaneHne no yMO/inaHHK) 
(VDI) cooTBeTCTByeT co6cTBeHHOMy cj^opMaTy VirtualBox; VMDK - 
(£opMaT, ncno/ib3yeMbiM VMware; QCOW - cjDopMaT, i/icno/ib3yeMbiM 
QEMU. CoxpaHjRMTe 3HaneHne no yMO/inaHHK), noTOMy hto y Bac HeT 
npi/IHMH ero M3MeHflTb. B03M0>KH0CTb MCn0/lb30BaTb HeCKO/lbKO 
c|)opMaTOB MHTepecHa maBHbiM o6pa30M, KorAa Bbi xoTHTe 
nepeMecTMTb BHpTya/ibHyio Mawi/my 1/13 OAHoro i/mcTpyMeHTa 
BMpTya/lM3ai4HM B APyrOM. 


42 








? X 

4 - Create Virtual Hard Disk 

Storage on physical hard disk 

Please choose whether the new virtual hard disk file should grow as it is used 
(dynamically allocated) or if it should be created at its maximum size (fixed 
size). 

A dynamically allocated hard disk file will only use space on your physical 
hard disk as it fills up (up to a maximum fixed size), although it will not shrink 
again automatically when space on it is freed. 

A fixed size hard disk file may take longer to create on some systems but is 
often faster to use. 

(§) Dynamically allocated 

O Fixed size 


Next ~| Cancel 

PucyHOK 2.11 XpaHeHMe Ha cpH3H^ecK0M 
MeCTKOM ftlACKe 

B noflCHHTe/ibHOM Teiccre Ha pi/icyHKe 2.11 «XpaHeHi/ie Ha 
c[)i/i3MHecKOM wecTKOM flncKe» [cTp. 31] neTKO ormcaHbi 

npei/iMymecTBa h HeAOCTaTKM Ai/maMMHecKoro m c^MKci/ipoBaHHoro 
pacnpeAeneHi/m auckob. B btom npi/iMepe Mbi ocTaBrmeM Bbi6op no 
yMonnaHHK) (AHHaMi/mecicoe pacnpeAeneHi/ie), nocKO/ibKy Mbi 

ncnonb3yeM HoyT6yK c SSD-AHCKaMM. Mbi He xothm TpaTi/iTb 
npocTpaHCTBO m He Hy>KAaeMc?i b Aono/iHMTe/ibHoPi AO/ie 

npon3BOAHTe/ibHOCTM, nocKO/ibKy Hama MaiunHa h T 3 K AB-rmeTca 
AOBO/lbHO 6blCTpOM. 
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? X 


Create Virtual Hard Disk 


File location and size 


Please type the name of the new virtual hard disk file into the box below or dick 
on the folder icon to select a different folder to create the file in. 


Kali Linux 


a 


Select the size of the virtual hard disk in megabytes. This size is the limit on the 
amount of file data that a virtual machine will be able to store on the hard disk. 



20l00 GB 


4,00 MB 


2.00 TB 


Create 


Cancel 


Figure 2.12 Fite Location and Size 


CraHAapTHbiM pa3Mep wecncoro Ai/icica no yMO/iHaHMK) 8 l~5, 

noi<a3aHHbiM Ha pi/icyHKe 2.12, «MecTono/io>KeHne m pa3Mep c(3aM/ia» 
[cTp. 32] HeAOCTaTOHeH A-nfl craHAapTHOM ycraHOBKM Kali Linux, 
noaTOMy yBe/iMHbTe pa3Mep ao 20 l~5. Bbi TaK>xe MO>KeTe HacrpoMTb 
mm 9\ m pacno/io>KeHMe o6pa3a Ancica. 3to MO>KeT 6biTb yAo6HO, ec/iM 
Ha >KecTKOM AncKe HeAOCTaTOHHO MecTa, hto no3BonaeT coxpaHATb 
o6pa3 Ha BHenmeM AHCKe. 
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- □ X 


Detafc l&J Snapshots 


HI Preview 


171 System 

Base Memory: 1500 MB 
Boot Order: Floppy, Optical, Hard Disk 

Acceleration: VT-x/AMD-v, Nested 
Pagng, PA E/KK, KVM 
Paravrtualzation 


0 Display 


Video Memory: 

12 NB 

Remote Desktop Server: 

Disabled 

Video Capture: 

Disabled 

j£/| Storage 


Controler: IDE 

IDE Secondary Master: 

[Optical Drive] kai-fcnux-ight-2016. l-amd64.iso (1011.13 MB) 

Controler: SATA 

SATA Port 0: 

Kal Lmux.vdi (Normal, 20.00 GB) 

17- Audio 

Host Driver: Windows DrectSound 

Controler: ICH AC 9 7 



Network 


PucyHOK 2.13 HoBafi BMprya/ibHafi 
MaLUMHa nofiB/ifjercfj b crmcKe 


Kali Linux 


Oracle VM VirtualBox Manager 
File Machine Help 

» m 

New Settings Discard Start 

fW ® ± __ 


§ General 


Name: Kali Unix 

Operating System: Deban (64-bit) 


1/lTaK, BkipTya/ibHaa Mawi/ma 6bma co3AaHa, ho Bbi Bee eme He MO>KeTe 
ee 3anycTMTb, noTOMy hto Ha HePi He ycraHOB/ieHa onepaui/iOHHafl 
CMCTeMa. Bbl T3K>Ke MO>KeTe BbICTaBMTb HeKOTOpbie HaCTpOMKM. 
Ha>KMMTe «HacTpoMKM» Ha aicpaHe «/}ncneTHep BkipTya/ibHOM 
Mai±ii/iHbi» m cei/inac Mbi nocrapaeMca paccMOTpeTb HeKOTOpbie M3 
Han6onee none3Hbix HacrpoeK. 


a Kali Linux - Settings 


m 

General 

a 

System 

[jljl Display 

Storage 


Audio 


Network 


Senal Ports 

O' 

USB 

a 

Shared Folders 

□ 

User Interface 


Storage 

Storage Tree 
^ Controler: IDE 


© Empty 


a Controler: SATA 
(£| Kal Lmux.vdi 


& E) 



□ Live CD/DVD (3 Choose Virtual Optical Disk File... 


Information Host Drive 'D:‘ 



PucyHOK 2.14 HacrpoMKM xpaneHMn 


Ha 3KpaHe XpaHeHi/m (pi/ic. 2.14 «HacTpoPiKi/i xpaHeHi/m» [cTp. 33]) 
BaM c/ieAyeT conocraBi/iTb o6pa3 ISO Kali Linux c BHpTya/ibHbiM 
ycTpoPicTBOM HTeHHfi CD/DVD-ROM. CHana/ia Bbi6epnTe npi/iBOA CD- 
ROM b cni/icice AepeBa xpaHeHi/ia, a 3aTeM me/iKHi/iTe 3HanoK 
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ManeHbKoro KOMnaKT-AMCKa cnpaBa, HTo6bi OTo6pa3MTb KOHTeKCTHoe 
M6HK), B KOTOpOM Bbl MO>KeTe Bbl6paTb C^aM/l BkipTya/lbHOrO 
onTunecKoro Ancica. 



PucyHOK 2.15 HacrpoMKM cMcreMbi: MarepiAHCKan nnara 

Ha cMCTeMHOM aKpaHe (Pi/icyHOK 2.15," HacrpoPiKM ci/icreMbi: 
MaTepHHCKaa n/iaTa" [cTp. 34]), Bbi HaPiAeTe BK/iaAKy «MaTepi/iHCKafl 
nnaTa». Y6eAHTecb, hto nop^AOK 3arpy3KM BbicTaB/ieH TaKi/iM 
o6pa30M, hto ci/icTeMa cHana/ia 6yAeT nbuaTbca 3arpy>KaTbCfl c 
onTMHecKMx npMBOAOB, npe>KAe neM 3arpy>KaTbCfl c >KecTKoro AncKa. 
Tai<>Ke Bbi cMO>KeTe HaPiTM BK/iaAKy, b kotopom Bbi MO>KeTe M3Mei-mTb 
od'beM naMfiTM, BbiAenem-ioPi Bi/ipTya/ibHoPi Maiumne, b c/iynae 
He 06 X 0 AHM 0 CTM. 
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@ Kali Linux - Settings 


X 


m 

General 

M 

System 

ID 

Display 

s 

Storage 


Audio 

#> 

Network 

0 

Serial Ports 

If 

USB 

a 

Shared Folders 

B 

User Interface 


System 

Motherboard Processor Acceleration 
Processor (s): ^ 


1CPU 


Execution Cap: 


1 % 


Extended Features: 0 Enable PAE/NX 


4 CPUs 

HJ ioo% : 
100% 


[ 


OK 


] 


Cancel 


Help 


PucyHOK 2.16 HacrpoMKM cMcreMbi: tlpoueccop 


Ha tom >Ke 3KpaHe, ho Ha BK/iaflKe "npoueccop" (PucyHOK 2.16, 
"HaCTpOMKM CMCTeMbi: npOpeCCOp" ), Bb! CMO>KeTe HaCTpOMTb 
KO/iMHecTBO npoueccopoB, KOTopoe 6yAeT MMeTb Bama BMpTya/ibHaa 
ManiMHa. Ba>KHO 3anoMHMTb, hto ec/iM Bbi Mcno/ib3yeTe 32-pa3pjRAHbiM 
o6pa3, pa3peiiiMTe PAE/NX, i/mane Kali o6pa3 He cMO>KeT 3arpy3MTbca, 
t.k. BapHaHT aa pa no yMO/inaHMK), Mcno/ib3yeMbiM Kali A-nfl 1386 (noA 
H33BaHneM "686-pae") cKOMnnnnpoBaH TaKMM o6pa30M, hto Tpe6yeT 
noAAep>KKM Physical Address Extension (PAE) b BameM npoqeccope. 

CymecTByeT TaK>Ke MHO>KecTBO ApyrMx napaMeTpoB, KOTopbie MoryT 
6biTb HacTpoeHbi, TaKMe KaK, HanpMMep, HacrpoMKM ceTi/i (KOTopbie 
onpeAermKrr, kokmm o6pa30M 6yAeT o6pa6aTbiBaTbca Tpa<t>MK Ha 
ceTeBoPi KapTe), ho Tex HacrpoeK, KOTopbie 6bmn onMcaHbi Bbime, 
Bno/iHe A0CT3T0HH0 f\r\9\ 3arpy3KM pa6onePi >kmbom CMCTeMbi Kali Linux. 
HaKOHeu, Ha>KMMTe «3arpy3Ka», m BMpTya/ibHaa MauiMHa AO/i>KHa 
3arpy3MTbca AO/i>KHbiM o6pa30M, KaK noKa3aHO Ha pi/icyHKe 2.17, 
«3KpaH 3arpy3KM Kali Linux b VirtualBox» [cTp. 36]. Ec/im >Ke btoto 
He npon30Lu.no, to BHMMaTe/ibHO npocMOTpMTe Bee HacrpoMKM m 
noBTopMTe nonbiTKy. 
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Kali Linux [Running] - Oracle VM VirtualBox 
File Machine View Input Devices Help 


"the quieter 



yon i=ht; 


more you are able to hear' 


Boot menu 

|Livc (amd64) 



Live (amd64 failsafe) 

Live (forensic mode) 

Live IJSB Persistence 

(check 

ka 1 i.org/prst) 

Liw USB Encrypted Persistence 
Install 

(check 

kali.org/prst) 

Graphical install 

Install with speech synthesis 
Advanced options 


> 


^^QSfiGlG^SJcTRL droite 


PucyHOK 2.17 3/cpan 3arpy3KM Kali Linux b VirtualBox 


VMware 

VMware Workstation Pro oneHb noxowa Ha VirtualBox , oco6eHHO, 
CBOMM MHTepct^eMCOM M CBOMCTBaMM, nOTOMy HTO OHM 06e 6blJ1M 
pa3pa6oTaHbi A/ia Mcno/ib30BaHM?i desktop usage, ho TeM He MeHee, 
npoqecc co3AaHMa hobom BMpTya/ibHOM ManiMHbi HeMHoro 
OThMHaeTCa. 
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Figure 2.18 VMware Start Screen 


Ha HananbHOM aicpaHe, noKa3aHHOM Ha pi/icyHKe 2.18, «HaHa/ibHbm 
3KpaH VMware» [cTp. 37], OTo6pa>KaeTCfl 6o/ibi±iafl KHonKa «Co3AaTb 
HOByK) BkipTya/ibHyK) Mai±ii/iHy», 3anyci<aK)Luafl Macrep, KOTopbm 
noMO>KeT BaM co3AaTb Bi/ipTya/ibHyio Mawi/my. 


New Virtual Machine Wizard 


X 



Welcome to the New Virtual 
Machine Wizard 

Whet type of configuration do you want’ 

(•) Typical {recommended)! 

Create a Workstation 12.0 virtual machine 
n a few easy steps. 


O Custom (advanced) 


Create a vrtual machne with advanced 
options, such as a SCSI controler type, 
virtual dsk type and compaObfity vwth 
older VMware products. 


Heb 


| Men! > ~| Cancel 


Figure 2.19 New virtual Machine Wizard 


Ha nepBOM 3Tane Bbi AO/i>KHbi pewi/iTb, xcm/iTe /in Bbi no/iyni/iTb 
MHCjDOpMaUMK) 0 paCLUMpeHHbIX HaCTpOMK3X B npOqeCCe yCTaHOBKM. B 
3tom npMMepe oco6bix Tpe6oBaHi/ii/i HeT, no3TOMy Bbi6epnTe o6bNHyK) 
ycTaHOBKy, xax noxasaHO Ha pi/icyHKe 2.19, «MacTep co3AaHi/m hobom 
BkipTya/ibHoPi Mai±ii/iHbi» 
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New Virtual Machine Wizard X 

Client Operating System Installation 

A virtual machine is Ike a oh ysical comouter; it needs an operating 
system, how wd you instal the guest operating system? 

Instal from: 

O Instate dsc: 

CD Onve <D0 J.CCSAJ^RE JN-G6J5VS 

(•) Instate dec image He (so): 

|~c 7 \L)sersVta[ihaelHerttociPownloads)M | -fr 1 uir-liBht-i v] [ Browse... j 

J\ CoJd not detect which operating system is in ths dsc image, 
you wi need to specify which operating system wd be nstaAed. 

Ol wd instal the operating system later. 

The virtual machine wi be created with a Mark hard dsk. 

i-et Qad Next > Cancel 

PucyHOK 2.21 Bbi6epMre rocreByto onepapiAonnyK) CMcreMy 


Korfla onepaMMOHHaa ci/icreMa (OC) He 6yAeT o6Hapy>KeHa Ha 
Bbi6paHHOM ISO-o6pa3e, MacTep cnpoci/iT Bac, KaKoPi Tun rocreBoPi OC 
Bbi co6npaeTecb 3anycTMTb. Bbi flo/i>KHbi Bbi6paTb onepaqHOHHyK) 
CMCTeMy «Linux» A-na OC m BepcMK) «Debian 8.x», xax noKa3aHO Ha 
pkicyHKe 2.21, «Bbi6epnTe rocTeByK) onepaui/iOHHyK) cncTeMy» [crp. 
38]. 
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New Virtual Machine Wizard X 

Name the Virtual Machine 

What name would you like to use for this virtual machine? 


Virtual machine name: 
Kali Linux| 


Location: 


Closers Raphael Her tzog documents \Virtual Machines V<ali Linu 


Browse... 


The default location can be changed at Edit > Preferences. 


< Back 


Next > 


Cancel 


PucyHOK 2.22 Ha30BMTe BMprya/ibHyK) Mami/iHy 


Bbi6epnTe "Kali Linux" b KanecTBe i/iMem/i A-rm BHpTyanbHoPi Mamm-ibi. 
(PkicyHOK 2.22, "Ha30BMTe BupTyanbHyio ManiMHy"). KaK m b 
VirtualBox, y Bac TaK>Ke ecTb B03M0>KH0CTb xpaHUTb c^aPinbi 
Bi/ipTyanbHOM ManiMHbi b anbTepHaTi/iBHOM MecTe. 
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New Virtual Machine Wizard X 

Specify Disk Capacity 

How large do you want this disk to be? 


The virtual machine's hard disk is stored as one or more files on the host 
computer's physical disk. These file(s) start small and become larger as you 
add applications, files, and data to your virtual machine. 

Maximum disk size (GB): | 20.0 t 

Recommended size for Debian 8.x 64-bit: 20 GB 


O Store virtual disk as a single file 

© jspit virtual dis k in to m dtipie fi jesj 

Splitting the disk makes it easier to move the virtual machine to another 
computer but may reduce performance with very large disks. 


Help 


< Back 


Next > 


Cancel 


PucyHOK 2.23 YKa>KMTe eMKOCTb /]i/icKa 


Pa3Mep wecTKoro AHCKa no yMO/inaHUK) yi<a3aH 20 TB (pncyHOK 2.23, 
«YKa>KMTe eMKOCTb flMCKa» [CTp. 40]) M 3T0r0 06 bNHO AOCTaTOHHO, HO 
Bbi MO>KeTe HacTpoMTb ero 3Aecb b 3aBncnMOCTM ot o>KMAaeMbix 
noTpe6HOCTeM. B OT/n/iHi/ie ot VirtualBox, KOTopbm MO>KeT 
ncnonb30BaTb TO/ibKO oahh cjoaM/r pa3/ikiHHoro pa3Mepa, VMware 
MMeeT B03MO>KHOCTb XpaHHTb COAep>KMMOe AHCKa B HeCKO/lbKMX 
c|DaM/iax. B o6omx c/iynafix ue/ibio ABrmeTCfl coxpaHeHi/ie auckoboto 
npocTpaHCTBa xocra. 
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New Virtual Machine Wizard X 

Ready to Create Virtual Machine 

Click Finish to create the virtual machine. Then you can instal Debian 8.x 
64-bit. 


The virtual machine will be created with the fblowing settings: 


Name: 

Kali Linux * 

Location: 

C:VJsersRaphael Hertzogpocuments\Virtual Machin... 

Version: 

Workstation 12.0 

Operating System: 

Debian 8.x 64-bit 

Hard Disk: 

20 GB, Split 

Memory: 

512 MB 

Network Adapter: 

NAT 

Other Devices: 

CD/DVD, USB Controller, Prnter, Sound Card v 


Customize Hardware... 


< Back 


Finish 


Cancel 


PucyHOK 2.24 r otob k C03/jai-MK) BMpryaribHOM MauiMHbi 

VMware Workstation Tenepb HacrpoeHa f\r\9\ co3AaHna hobom 
BMpTya/ibHoPi ManiMHbi. OHa OTo6pa>KaeT cnucoK Bcex penieHHi/i, 
KOTopbie Bbi np\AH9\n\A b npoqecce HacrponKH TaK, hto Bbi MO>KeTe 
npoBepMTb flBa>Kflbi Banin HacrponKn nepeA co3AaHneM BnpTya/ibHon 
ManinHbi. 06paTHTe BHHMaHHe, hto MacTep peninn pa3MecTHTb Ha 
BnpTya/ibHon Mawi/me TO/ibKO 512 MB 03Y, Hero HeAOCTaTOHHO, 
nosTOMy Ha>KMHTe «HacTponTb o6opyAOBaHi/ie ...» (pncyHOK 2.24 
«r otobo k co3AaHnio BnpTya/ibHon ManinHbi» [cTp. 41]) n Bbi6epnTe 
HacTponKy «naMJTTb», KaK noi<a3aHO Ha pncyHKe 2.25, «HacTponKa 
annapaTHoro OKHa» [CTp. 42]. 
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Figure 2.25 HacrpoMKa annaparnoro OKHa 


noc/ie noc/ieAHero HawaT v\n khoiikm «roTOBO» (Finish) (pucyHOK 2.24 
«rOTOB K C03A9HMK) BMpTya/lbHOM Mai±IMHbl»), BMpTya/lbHafl MaLUMHa 
6yAeT HacTpoeHa m MO>KeT 6biTb 3anymeHa HawaTi/ieM KHonKi/i 
«BK/iK) L iMTb 3Ty Bi/ipTya/ibHyK) MaLUHHy» ('Power on this virtual 
machine), KaK noKa3aHO Ha pi/icyHKe 2.26, «roTOBaa BHpTya/ibHaa 
ManiMHa Ann Kali Linux». 
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Figure 2.26 rOTOBafj BMpryaribHafi MauiMHa Arm Kali Linux 


2.3 riOABeAe/vi morn 

B 3tom r/iaBe Bbi y3Ha/in o pa3/ii/NHbix ISO o6pa3ax Kali Linux, Tax>xe 
Bbi BbmcHMriM, Kax npoBep^Tb m cKanuBaTb i/ix, m no/iyHi/mi/i 
nomaroByK) i/mcTpyxui/iK) o tom, iok co3AaBaTb 3arpy30HHbiPi USB 
HaKoni/iTe/ib, ncno/ib3yfl flaHHbie o6pa3bi, Ha pa3Hbix onepaui/iOHHbix 
CMCTeMax. Mbi Taioxe o6cyAnnn, xax 3arpy3MTb USB Haxoni/iTe/ib m 
y3Ha/lM, KaK HaCTpOHTb BIOS M BbICTaBHTb CTapTOBbie HaCTpOMXM Ha 
pa3/iMHHbix annapaTHbix n/iaTc^opMax, Taxi/iM o6pa30M, HTo6bi 
3arpy3xa Lima HenocpeACTBeHHO c USB HaxonMTerm. 

T/iaBHoe M3 pa3fle/ia: 

www.kali.org AB/meTca eAUHCTBeHHbiM ocf)m4Ma/ibHbiM caPiTOM A-rm 
3arpy3xn ISO o6pa3a Kali. He ctomt cxanMBaTb o6pa3bi c Apyri/ix 
pecypcoB, t.x. bth ct>aM/ibi MoryT coAep>xaTb BpeAOHOCHoe 
nporpaMMHoe o6ecneHeHne. 

BcerAa npoBep^MTe sha256sum cbomx 3arpy30x xoMaHAOM 
sha256sum, HTo6bi y6eAHTbca b noA-nnHHOCTi/i cxanaHHoro BaMi/i ISO 
c^ai/ma. Ecn\A oh He cooTBeTCTByeT, nonpo6yPiTe ncno/ib30BaTb A-rm 
cxani/iBaHi/m ApyroPi mctohhmx. 

Bbi AO/i>KHbi 3anncbiBaTb Kali Linux ISO o6pa3 Ha 3arpy>xaeMbiM 
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HaKonnTe/ib, ec/ii/i Bbi xoTHTe Hcno/ib30BaTb ero Ha pea/ibHOH 
ManiHHe. Mcnonb3yPiTe Win32 Disk Imager Ha Windows, yTH/iHTy 
Disks Ha Linux, h/ih dd KOMaHAy Ha Mac OS X/macOS. ByabTe oneHb 
ocTopo>KHbi, 3anncbiBaji o6pa3. Ec/ih Bbi Bbi6epnTe He tot ahck A-na 
3an hch, Bbi cMOweTe 6e3B03BpaTH0 noBpeAHTb aaHHbie, xpaHALunecfl 
Ha BameH ManiHHe. 

BbicTaBbTe Heo6xoanMbie HacrpoHKH b 3KpaHax BIOS/UEFI Ha IIK h/ih 
yAep>KHBaPiTe K/iaBHiuy Option Ha OS X/macOS, HTo6bi no3BO/inTb 
ManiHHe 3arpy>KaTbC}q c USB HaKonHTe/ur 

llporpaMMbi Ann co3AaH ha BnpTya/ibHOH ManiHHbi VirtualBox h 
VMware Workstation Pro flB/iflK)TCfl oco6eHHO no/ie3HbiMn Ann rnoAePi, 
KOTopbie xotat onpo6oBaTb Kali Linux, ho He roTOBbi ycraHOBHTb ee 
Ha cbok) ManiHHy h/ih >Ke A-n^ Tex, y koto ecTb AOBO/ibHO MOLUHafl 
CMCTeMa H OHH XOTflT HCn0/lb30BaTb HeCKO/lbKO OnepaUHOHHblX CMCTeM 
OAHOBpeMeHHO. 

Tenepb, Koraa y Bac ecTb pa6onafl, ycraHOB/ieHHafl Bepcna Kali Linux, 
npmuno caMoe BpeMA ymy6HTbCfl b n3yneHMe c^yHAaMeHTa/ibHbix 
ochob Linux, KOTopbie Heo6xoAHMbi A-rm 6a30Boro h npoABHHyToro 
ncnonb30BaHHjq Kali. Ecrm Bbi AB/ifleTecb no/ib30BaTeneM Linux c 
yMepeHHbIM H/IH paCLUHpeHHbIM ypOBHeM 3H3HHH, Bbi MO>KeTe /lHLUb 
6er/io 03HaK0MHTbca co c/ieAyK)LueH maBOH 
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HacTb 3: OcHOBbi Linux 


Coflep>KaHMe: 

3.1 Hto TaKoe Linux i/i hto oh Ae/iaeT? 

3.2 KoMaHAHaa crpoica 

3.3 OaPmoBaa ci/icreMa 

3.4 no/ie3Hbie KOMaHAbi 

3.5 noABeAeM MTorn 

K/iK)HeBbie c/iOBa maBbi: 

• Hapo Linux; 

• nonb30BaTe/ibCKoe npocTpaHCTBo; 

• KoMaHAHaa CTpoKa; 

• Bash; 

• Mepapxi/ifl cj^akinoBOM CMCTeMbi; 

• Unix KOMaHAbi; 


57 



npe>KAe neM Bbi cMO>KeTe ocBOMTb Kali Linux, Bbi AO/i>KHbi cbo6oaho 
Opi/ieHTl/ipOBaTbCfl B OCHOBHbIX nOHflTMflX CMCTeMbl LinUX. YMeHMe 
pa6oTaTb c Linux 6yAeT oneHb no/ie3HbiM HaBbiKOM, noTOMy hto Ha 
cepBepax Linux pa6oTaeT 6o/ibiuoe KO/iMnecTBO Be6-caMTOB, 
3/ieKTpoHHOM noHTbi m ApyrMx MHTepHeT-c/iy>K6. 

B A9HH0M pa3Ae/ie Mbl C 06 npaeMCJR pa3"bflCHMTb OCHOBHbie nOHflTMfl 
CBa3aHHbie c Linux. Bbino/iHflfl nocTaB/ieHHyK) nepeA HaMM 3aAany Mbi 
no/iaraeM, hto Bbi ywe MMeeTe npeACTaB/ieHHe o KOMnbKrrepHbix 
CMCTeMax b qe/iOM, BK/uonafl TaKMe KOMnoHeHTbi KaK ueHTpa/ibHbiM 
npoueccop (Un), onepaTMBHaa naMATb (03Y), MaTepMHCKaa n/iaTa, 
>KecTK mm auck, a TaK>xe ApyrMe KOHTponnepbi m ycrpoMCTBa, 
CB?13aHHbie C HMMM. 


3.1 Hto TaKoe Linux m hto oh Ae/iaeT ? 

TepMMH «Linux» nacro Mcno/ib3yeTCfl A-rm o6o3HaneHMfl Been 
onepauMOHHOM CMCTeMbl, ho Ha caMOM Aene Linux - bto nA po 
onepaMMOHHOM CMCTeMbl, KOTopoe 3anycKaeTCfl Hana/ibHbiM 
3arpy3HMKOM, 3anycKaeMbiM BIOS / UEFI. FIapo 6epeT Ha ce6a po/ib, 
noxo>KyK) Ha po/ib Anpnwepa b opKecTpe, oho o6ecnenMBaeT 
cornacoBaHHyK) pa6oTy annapaTHbix cpeACTB m nporpaMMHoro 
o6ecneneHMfl. Rannan po/ib noApa3yMeBaeT noA co6om ynpaB/ieHMe 
o6opyAOBaHneM, npoqeccaMM, no/ib30BaTe.nflMn h c^aM/iOBbiMM 
CMCTeMaMH. FIapo npeACTaB/ifleT co6om o6myK) 6a3y A-rm Apyri/ix 
nporpaMM, pa6oTaK)mnx b ashhom cMcreMe, m name Bcero 3anycKaeT 
ring zero , TaK>Ke i/i3BecTHoe, KaK npocrpaHCTBO napa (kernel space). 


ll0/1b30BaTe/1bCK0e npOCTpaHCTBO 

Mbi ncno/ib3yeM TepMMH «no/ib30BaTe.nbCKoe npocTpaHCTBO», HTo6bi 
o6"beAHHMTb Bee, hto npoMcxoAHT 3a npeAe/iaMM AApa. 

CpeAH nporpaMM, pa 6 oTaK>mnx b npocTpaHCTBe no/ib30BaTe/ifl, MHoro 
OCHOBHbIX yTM/IMT M3 npoeKTa GNU, 60 /lbLUMHCTBO M3 KOTOpbIX 
npeAHa 3 HaneHO Ann 3 anycKa M 3 KOMaHAHOM ctpokm. Bbi MO>KeTe 
Mcnonb30BaTb mx b cueHapMflx Ann aBTOMaTM3auMM pa3/iMHHbix 3aAan. 
flono/iHMTe/ibHyio MHc^opMauMio o HaM 6 o/iee Ba>KHbix KOMaHAax cm. b 
pa3Ae/ie 3.4 «flone3Hbie KOMaHAbi» . 
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flaBaMTe 6bicTpo paccMOTpMM pa3/iMHHbie 3aflann, Bbino/ii-meMbie 
aapom Linux. 


3.1.1 3anycK o6opyAOBaHM« 

Ha3HaHem/ieM aa pa, npe>KAe Bcero, ABrmeTCfl ynpaB/ieHMe m KOHTpo/ib 
HaA ocHOBHbiMM KOMnoHeHTaMM KOMnbKDTepa. Oho o6Hapy>KMBaeT m 
HacTpaMBaeT mx, KorAa KOMnbKrrep BK-monaeTCfl, a TaK>Ke KorAa 
ycTpoucTBO MOHTi/ipyeTCfl m/im M3B/ieKaeTCjR (HanpMMep, USB 
ycrpoi/icTBo). 3to TaK>Ke Ae/iaeT mx AOcrynHbiMM A-nfl 6o/iee 
BbicoKoypoBHeBoro nporpaMMHoro o6ecneneHMfl 6/iaroAapfl 
ynpomeHHOMy nporpaMMHOMy MHTepc^eMcy, noaTOMy npM/io>i<eHMfl 
MoryT Mcno/ib30BaTb npeMMymecTBa ycrpoi/icTB, He o6pamaflCb k 
AeTa/iJRM, HanpMMep k c/iOTy pacuiMpeHMA, b KOTopbiM BcraB/ieHa 
nnaTa. flporpaMMHbiM MHTepcJ^eMC TaK>Ke npeAOCTaB/ifieT 
onpeAe/ieHHbiM ypoBeHb a6cTpaKUMM; bto no3BO/iaeT Mcno/ib30BaTb 
o6opyAOBaHMe A-rm npoBeAeHMA BMAeoKOHcjDepeHUMM, HanpMMep, 
Mcnonb30BaTb Be6KaMepy He3aBMCMMO ot ee MOAe/iM m 
npoM3BOAHTe/ia. llporpaMMHoe o6ecneneHMe MO>KeT Mcno/ib30BaTb 
MHTepcjDeMC Video for Linux (V4L) m aapo 6yAeT nepeBOAHTb Bbi30Bbi 
MHTepcj^eMca b pea/ibHbie annapaTHbie KOMaHAbi, Heo6xoAHMbie A-rm 
pa6oTbi KOHKpeTHOM Be6-KaMepbi. 

51apo BKcnopTMpyeT AaHHbie 06 o6Hapy>KeHHOM o6opyAOBaHMM nepe3 
BMpTya/ibHbie cMCTeMbi /proof m /sys/. npM/io>KeHMfl Macro no/iynaiOT 
AOCTyn k ycTpoPicTBaM c noMombK) c^ai/moB, co3AaHHbix b /dev/. 
Oco6bie c^aM/ibi, npeACTaB/iaiOLUMe auckm (HanpMMep, /dev/sda), 
pa3Ae/ibi (/dev/sdal), MbiniM (/dev/input/mouseO), K/iaBMaTypbi 
(/dev/input/eventO), 3ByKOBbie KapTbi (/dev/snd/*), 
noc/ieAOBaTe/ibHbie nopTbi (/dev/ttyS*) m ApyrMe KOMnoHeHTbi. 

CymecTByeT Aaa TMna c^ai/moB ycTpoMCTB: 6/iOHHbie m cMMBO/ibHbie. 
nepBbie MMeKDT xapaKTepMCTMKM 6/iOKa AaHHbix: ohm mmckdt 
KOHeHHbiPi pa3Mep, m Bbi MO>KeTe no/iyHMTb AOCTyn k 6aMTaM b /ik>6om 
no3MUMM 6/iOKa. nocneAHMe BeAyT ce6 n KaK noTOK cmmbohob. Bbi 
MO>KeTe HMT3Tb M nMCaTb CMMBOJlbl, HO Bbi He MO>KeTe MCK3Tb 
33AaHHyK) n03M14MK) M M3MeHflTb npOM3BO/lbHbie 6aMTbl. HT 06 bl y3HaTb 
TMn c^aM/ia ycrpoi/icTBa, npoBepbTe nepByio 6yKBy BbiBOAa KOMaHAbi 
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Is -1. 3to MOweT 6 biTb /im 6 o b, A-rm 6 /iOHHbix ycrpoPicTB, /im 6 o c, A-rm 
CMMBO/lbHblX yCTpOMCTB! 


$ Is -l /dev/sda /dev/ttyS0 

brw-rw- 1 root disk 8, 0 Mar 21 08:44 /dev/sda 

crw-rw- 1 root dialout 4, 64 Mar 30 08:59 /dev/ttyS0 


Kai< Bbi y>xe bo3mo>kho AoraAa/iMCb, ahckm m pa3Ae/ibi ncno/ib3yK)T 
6/iOHHbie c(DaMjnbi ycrpoPicTB, b to BpeMA KaK Mbiuib, K/iaBMaTypa m 
noc/ieAOBaTe/ibHbie nopTbi ncno/ib3yK)T cMMBO/ibHbie c^ai/mbi 
ycTpoPicTB. B o6omx cnynaflx nporpaMMHbiM MHTepcjDeMC BK/iKonaeT b 
ce6a cneuna/ibHbie KOMaHAbi, KOTopbie MoryT 6biTb aKTMBMpoBaHbi 
nepe3 cMCTeMHbiM Bbi30B ioctl. 


3.1.2 OGteAMHeHMe (f>aMAOBbix ci/icre/vi 

OaPi/iOBbie cMcreMbi nBnntojcn Ba>KHbiM acneKTOM aa pa. CMcreMbi, 
ocHOBaHHbie Ha Unix, o6'beAHHflK)T Bee xpaHM/iMLua c|3aM/iOB b OAHy 
MepapxMK), hto no3BormeT no.nb30BaTe.nflM m npM/io>KeHMflM no/iynaTb 
Aocryn k AaHHbiM, 3Ha a mx MecTono/io>KeHMe b npeAe/iax btom 
M epapxMM. 

OTnpaBHaa tohio 3Toro MepapxMHecicoro AepeBa Ha3biBaeTCfl root, 
npeACTaB/ieHHbiM cmmbo/iom "/"■ flaHHafl AnpeKTopMfl MO>KeT 
coAep>KaTb MMeHOBaHHbie cy6-AnpeKTopnn. HanpMMep, AOMauiHAfl 
cy6-AnpeKTopna «/» Ha3biBaeTCjR /home/. 3Ta cy6-AnpeKTopMfl, b 
cbok) onepeAb, MO>KeT coAepwaTb Apyrue cy6-AnpeKTopnn m t.a. 
Ka>KAafl AnpeKTopi/m TaK>Ke MO>KeT coAepwaTb c^aPi/ibi, b KOTopbix 
6yAyT xpaHMTbCfl c^ai/mbi. TaKMM o6pa30M, 

home/buxy/Desktop/hello.txt othocmtca k c^aPi/iy noA H33BaHneM 
hello.txt, KOTopbiM xpaHMTCfl b cy6-AnpeKTopnn Desktop, 
HaxoA^meMCfi b buxy cy6-AnpeKTopnn AOManiHero KaTanora, 
KOTopbiM npMcyTCTByeT b root. 51apo KOMm/irmpyeT Me>KAy AaHHoPi 
CMCTeMOM MMeH0B3HMfl M MeCTOM XpaHeHMfl Ha AUCKe. 

B OT/iMHi/ie ot ApyrHx cucTeM, Linux 06 /iaAaeT TO/ibKO oahom TaKoPi 
1 /iepapxneM m MO>KeT MHTerpMpoBaTb AaHHbie c HecKO/ibKMx ahckob. 
OAHH M3 T3KMX AUCKOB CTaHOBMTCfl TOOt, a APyrMe MOHTMpytOTCfJ Ha 
AMpeKTopMM b MepapxMM (3Ta KOMaHAa b Linux Ha3biBaeTCfl mount). 
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3th flpyrne auckh 3aTeM craHOBATCfl AOcrynHbiMH noA TOHKaMH 
MOHTMpoBaHna (mount points ) 3to no3BO/ifleT xpaHUTb 
nonb30BaTe/ibCKne AOManiHue AnpeKTopnn (KOTopbie o6bNHO 
xpaHATca Ha /home/) Ha OTAe/ibHOM >KecTKOM AncKe, KOTopbiPi 6yAeT 
coAepwaTb AnpeKTopMK) buxy (BMecTe c AOMauiHHMH AnpeKTopnaMH 
ApyrHx no/ib30BaTe/iePi). noc/ie Toro, KaK Bbi ycraHOBH/iH auck b 
/home/, 3th KaTa/iorn craHOBATCfl AOcrynHbiMH b hx o6bNHOM MecTe, 
a pa3/ii/NHbie nyTH, TaKHe KaK /home/buxy/Desktop/hello.txt, 
npoAon>KaK)T pa6oTaTb. 

CymecTByeT MHO>KecTBO c^opMaTOB c^aPmoBoPi cncreMbi b 
COOTBeTCTBMH C MHO>KeCTBOM Cn 0 C 060 B C|}H3HHeCKOrO XpaHeHHJl 
AaHHbix Ha AncKax. Han6onee LunpoKO M3BecTHbi ext2, ext3 h ext4, 
ho cymecTByKDT h ApyrHe. HanpHMep, \ /FAT AB/iaeTCfl c|)aPi.noBoPi 
CMCTeMoPi, KOTopaa MCTopHHecKM ncnonb30Banacb DOS h 
onepauMOHHbiMi/i cncTeM3Mn Windows. noAAep>KKa VFAT 
onepauHOHHoPi cncreMoPi Linux no3BO/ifleT wecTKHM AncKaM 6biTb 
AOCTynHbiMM KaK noA Kali, TaK h noA Windows. B /ik)6om c/iynae, Bbi 
Aon>KHbi noAroTOBHTb c^aPmoByK) cncreMy Ha AncKe, npe>KAe neM 
CMOHTHpoBaTb ee, h 3Ta onepauna Ha3biBaeTca cpopMarnpoBaHneM. 

KoMaHAbi, TaKHe KaK mkfs.ext3 (rAe mkfs pacLUHc^poBbiBaeTCfl KaK 
MaKe FileSystem) o6pa6aTbiBaeT c|)opMaTnpoBaHne. B KanecTBe 
napaMeTpa bth KOMaHAbi Tpe6yK)T ct>aPi.n ycTpoPicTBa, 
npeACTaB/i^KDmuPi pa3Ae/i, KOTopbiPi cnenyer OTcf)opMaTnpoBaTb 
(HanpHMep, /dev/sdal, nepBbiPi pa3Ae/i Ha nepBOM AncKe). 3Ta 
onepauna yHMHTO>KaeT Bee AaHHbie h AO/i>KHa 3anycKaTbca mnbKO 
oahh pa3, ec/in KOHenHO Bbi He xoTHTe cTepeTb cf)aPi/iOByK) CMCTeMy h 
HanaTb HOByio pa6oTy. 

EcTb TaK>Ke ceTeBbie cj^aPi/iOBbie cncTeMbi, TaKHe KaK NFS, KOTopbie He 
xpaHAT AaHHbie Ha ziOKa/ibHOM AncKe. Bmccto 3Toro AaHHbie 
nepeAaiOTca nepe3 ceTb Ha cepBep, KOTopbiPi xpaHHT hx h BbiAaeT no 
nepBOMy Tpe6oBaHHK). 5/iaroAapfl a6cTpaKUHH cJoaPi/iOBoPi cncTeMbi 
BaM He Hy>KHO 6ecnoKOHTbCfl o tom, KaK btot auck noAK/noneH, TaK 
KaK c|)aPi.nbi ocTaiOTca AOCTynHbiMH no cBoeMy o6bNHOMy 
nepapxHHecKOMy nyTH. 
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3.1.3 YnpaB/ieHMe npou,eccaMM 


npouecc flBrmeTCfl ncno/ihmeMbiM 3K3eMnrmpoM nporpaMMbi, Ann 
KOTopon Tpe6yeTCA xpaHMTb naMATb, KaK caMon nporpaMMbi, TaK n ee 
pa6onnx AaHHbix. 51 apo OTBenaeT 3a co3AaHne n OTc/ie>KHBaHne 
npoueccoB. KorAa nporpaMMa 3anycKaeTC5i, napo cHana/ia BbiAermeT 
HeKOTopyio naMATb, 3arpy>KaeT ncno/iHfleMbiM koa m 3 c^an/iOBon 
cncTeMbi b 3Ty naMATb, a 3aTeM 3anycKaeT koa- Oh coAepwnT 
MHcjDopMauMK) 06 3tom npouecce, Han6o/iee 3aMeTHbiM M3 KOTopbix 
nBnnejcn MAeHTnc^nKaunoHHbiM HOMep, M3Becn-ibiM KaK 
M/jeHTMcpMKarop npopecca (process identifier (PID)). 

BO/lbLUMHCTBO COBpeMeHHbIX OnepaUMOHHblX CMCTeM, a MMeHHO Te, 
KOTopbie pa6oTaK)T Ha ocHOBe Unix aa pa, BK/uonafl Linux, cnoco6Hbi 
BbinO/lHflTb MHO>KeCTBO 3aAaH. flpyri/IMM C/lOBaMM, OHM n03B0.TmK)T 
CMCTeMe 3anycKaTb mhokoctbo npoueccoB OAHOBpeMeHHO. Ha caMOM 
Aene cymecTByeT TO/ibKO oahh 3anymeHHbin npouecc b /ik) 6 om 
MOMeHT BpeMeHM, ho aapo Ae/iMT BpeMjR npoueccopa Ha He6o/ibiune 
c^parMeHTbi m 3anycKaeT Ka>KAbin npouecc no onepeAH. llocKO/ibKy 
3tm BpeMeHHbie cpe3bi oneHb KopoTKne (b MM/i/iMceKyHAax), ohm 
co3AaK)T BHeniHMM bma npoueccoB, pa6oTaK>mnx napa/uie/ibHO, xota 
OHM aKTMBHbl TO/lbKO B TeHeHMe MX BpeMeHHOTO MHTepBa/13 M 
6e3AeMCTByK)T b ocTa/ibHoe BpeMfl. Ochobhom 3aAaHen aa pa nBnnercn 
HaCTpOMKa MeX3HM3M0B n/iaHMpOBaHMfl T3KMM 06pa30M, HT 06 bl 
COXpaHMTb 3T0T BHeLLIHMM BMA, OAHOBpeMeHHO yBe/lMHMBafl 
np0M3B0AHTenbH0CTb CMCTeMbl. EC/1M 0Tpe30K BpeMeHM 6yAeT 
c/imlukom A-nnHHbiM, MO>KeT nepecTaTb OTBenaTb AO/i>KHbiM o6pa30M. 
Hy a ec/iM >Ke ohm 6yAyT c/imlukom kopotkmmm, cMCTeMa 6yAeT Tep^Tb 
c/imlukom MHoro BpeMeHM Ha nepeK/iLoneHMe Me>KAy hmmm. noAo6Hbie 
pemeHMfi mo>kho pery/iMpoBaTb c noMombK) npMopMTeTOB npoueccoB, 
KorAa BbicoKonpMopMTeTHbie npoueccbi 6yAyT Bbino/iHATbca b 
TeneHMe 6o/iee A-nuTe/ibHbix nepMOAOB BpeMeHM m c 6o/iee nacTbiMM 
BpeMeHHbiMM cpe3aMM, neM npoueccbi c hm3kmm npMopMTeTOM . 


My/ibTunpoMeccopHbie CucTeMbi (m apyme BapuaHTbi) 

OrpaHMneHMfi, onMcaHHbie Bbime, o tom, hto OAHOBpeMeHHO MO>KeT 
pa6oTaTb TO/ibKO oahh npouecc, npMMeHMMbi He bo Bcex cnTyaun^x. 
Bo/iee BepHO 6yAeT CKa3aTb, hto oaho %Apo MO>KeT pa6oTaTb TO/ibKO 
c oahmm npoueccoM. MHoronpoueccopHbie, MHoroHAepHbie m/im 
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mnepnoTOKOBbie cMcreMbi no3BO/iflK)T HecKO/ibKMM npoueccaM 
pa6oTaTb napanne/ibHO. TeM He MeHee, Mcno/ib3yeTCfl OAHa m Ta >Ke 
CMCTeMa coKpameHMjq BpeMeHM A-rm o6pa6oTKM cMTyauMM, KorAa ecTb 
6o/iee aKTMBHbie npoqeccbi, neM AOCTynHbie npoueccopHbie napa. 3to 
He nannejcn neM-TO Heo6bNHbiM: 6a30Baa CMCTeMa, Aawe no/iHOCTbK) 
6e3AeMCTByK>ma5q, noHTi/i BcerAa MMeeT AecflTKM 3anymeHHbix 
npoqeccoB. 


flAPO no3BO/iaeT 3anycKaTb HecKO/ibKO He3aBncnMbix 3K3eMn.rmpoB 
oahom m tom >xe nporpaMMbi, ho Ka>KAOMy pa3peuiaeTCfl Aocryn TO/ibKO 
K C06CTBeHHblM BpeMeHHbIM Cpe3aM M naMfITM. TaKMM 06pa30M, HX 
AaHHbie ocTa k)tca He3aBMCMMbiMM. 


3.1.4 YnpaBAeHMe npaBaMM 

Unix cMCTeMbi noAAep>KMBaK)T MHO>KecTBO no/ib30BaTenePi m rpynn m 
no3BonjRK)T KOHTpo/inpoBaTb npaBa AOCTyna. B 6o/ibLUMHCTBe 
c/iynaeB, npouecc onpeAermeTca no.nb30BaTe.neM, KOTopbiPi 3anycKaeT 
ero. flaHHbiPi npouecc MOweT Bbino/iHATb TO/ibKO Te asmctbma, 
KOTopbie pa3peujeHbi ero B/iaAe/ibuy. HanpMMep, OTKpbrme c(oaM/ia 
Tpe6yeT ot aa pa npoBepMTb npouecc Ha Ha/iMHMe Heo6xoAHMbix npaB 
(Arm no/iyneHi/m 60/ibiuePi MH<£opMauMM KOHKpeTHO no 3T0My 
npMMepy, cm. pa3Ae/i 3.4.4, "YnpaB/ieHMe npaBaMM") 


3.2 KoMaHAHan CTpoKa 

nOA «KOMaHAHOM CTpOKOM» Mbl nOApa3yMeBaeM TeKCTOBbIM 
MHTepcjDeMC, KOTOpbIM n03B0/meT BBOAHTb KOMaHAbl, BbinO/lHflTb MX M 
npocMaTpMBaTb pe3y/ibTaTbi. Bbi MO>KeTe 3anycTMTb TepMMHan 
(TeiccTOBbiM 3KpaH BHyTpM rpact>M nee koto pa6onero CTona m/im 
TeKCTOByK) KOHco/ib BHe nK)6oro rpacj^MHecKoro MHTepcbePica) m 
MHTepnpeTaTop KOMaHA BHyTpM Hero (060/io^Ka). 


3.2.1 KaK 3anycTmb KOMaH^HyK) CTpoKy 
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Korfla Bania cMCTeMa pa6oTaeT npaBi/mbHO, caMbiM npocTbiM cnoco6oM 
no/iyneHi/m Aocryna k KOMaHAHOM cTpoKe AB/ifleTca 3anycK TepMi/ma.na 
b rpacjDMHecKOM ceaHce pa6onero cmna. 



PucyHOK 3.1 3anycK repMMHa/ia 
GNOME 


Hanpi/iMep, b cucTeMe Kali Linux no yMO/inaHmo, GNOME TepMMHan 
MOweT 6biTb 3anymeH M3 cni/icxa M36paHHbix npi/mo>KeHm/i. Taxwe Bbi 
MO>xeTe BBecTM «terminal» b OKHe Activities (okho, KOTopoe 
aKTHBkipyeTca, xorfla Bbi nepeABi/iraeTe Mbinib b neBbm BepxHi/m yron) 
M Ha>KMMTe Ha Heo6xOAHMOM BaM MKOHKe npnnO>KeHHJR, KOTOpbie 
nojRBjRTCfi (PucyHOK 3.1, "3anycK TepMMHana GNOME"). 

B c/iynae KaKnx-nn6o Hapyi±ieHi/m m/im HexoppeKTHOM pa6oTbi Bamero 
rpacJ^MHecKoro HHTepc^ePica Bbi Bee paBHO MOweTe 3anycn/iTb 
KOMaHAHyK) CTpOKy Ha BMpTya/lbHblX KOHCOJlflX (AO LUeCTM M3 HHX 
MoryT 6biTb AOCTynHbi nepe3 mecTb KOM6nHaunM K/iaBmu, Hani/maa c 
CTRL + ALT + FI m 3aKaHHMBafl CTRL + ALT + F6 - K/iaBmuy CTRL 
mo>kho He Ha>KMMaTb, ec/iM Bbi y>xe HaxoAHTecb b tckctobom pe>KMMe 
BHe rpacj^MHecKoro MHTep<t>eMca Xorg v\nv\ Wayland). 

Bbi no/iynaeTe o6bNHbiM axpaH bxoas, rAe Bbi bboahtc cbom /iotmh h 
napo/ib, nepeA TeM KaK no/iyHMTb AOCTyn k kom3hahom crpoxe c ee 
o6o/iohkom: 
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Kali GNU/Linux Rolling kali-rolling tty3 

kali-rolling login: root 

Password: 

Last login: Fir Mar 25 12:30:05 EDT 2016 from 192.168.122.1 on pts/2 

Linux kali-rolling 4.4.0-kalil-amd4 #1 SMP Debian 4.4.6-lkalil (2016-03-18) x86_64 

The programs included with the Kali GNU/Linux system are free software; 
the exact distribution terms for each program are described in the 
individual files in /usr/share/doc/*/copyright. 

Kali GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent 
permitted by applicable law. 
root@kali-rolling 


llporpaMMa, o6pa6aTbiBaK)Luan BBeAem-ibie BaMi/i AaHHbie i/i 
Bbino/mei-me Bawi/ix KOMaHA, Ha3biBaeTcn o 6 o / io^kom ( shell i/mi/i 
MHTepnpeTaTOpOM KOMaHAHOM CTpOKM). no yMO/lHaHMK) o6o/iohkom, 
npeAOCTaB/iaeMOM b Kali Linux, nBnneTcn Bash (bto 03HanaeT Bourne 
Again SHell ). KoHeHHbiPi cmmbo/i «$» nni/i «#» yi<a3biBaeT, hto 
060/iOHKa o>KMAaeT Bamero bboas. 3tm cuMBO/ibi TaK>Ke yKa3biBaK)T 
Ha to, KaKi/iM o6pa30M BOcnpi/mi/iMaeT Bac Bash, KaK o6bNHoro 
no/ib30BaTe/ifi (nepBbiM cnyHai/i co 3H3HK0M AO/i/iapoM) m/im KaK 
cynepno/ib30BaTe/ifi (nocneAHMi/i c/iynaM c xanieM). 


3.2.2 OcHOBbi KOMaHAHOM CTpoKM: npocMOTp AepeBa 
AMpeKTopkiM m ynpaBAeHMe 4>aMna/viM 

AaHHbm pa3Ae/i npeAOCTaBnneT numb KpaTKi/m o63op HeKOTopbix 
KOMaHA, Ka>KAan M3 KOTOpbIX HMeeT MHO>KeCTBO pa3nnHHbix onqHM M 
B03M0>KH0CTeM, He onncaHHbix 3Aecb, no3TOMy, noxanyPicTa, 
o6paTMTecb k o6i±imphom AOKyMeHTaqMM, AOCTynHOM b 
COOTBeTCTByKDLUHX CTpaHMLiaX py K0B0ACTB3. B TeCTMpOBaHHflX Ha 
npoHMKHOBeHMe, name Bcero Bbi 6yAeTe nonynaTb AOCTyn k cMcreMe 
nepe3 o6onoHKy, nocne ycneiimoro 3KcnnyaTnpoBaHnn, a He nepe3 
nonb30BaTenbCKMM rpa<t>MHecKMM MHTep<£eMC. YMeHMe rpaMOTHO 
nonb30BaTbcn KOMaHAHOM ctpokom nBnneTcn Heo6xoAHMbiM A-rm Bac, 
ecnM Bbi xoTMTe Aocn/Nb ycnexa KaK cneuManMCT b cc^epe 
6e3onacHOCTn. 

KaK TonbKO ceaHc 3anymeH, KOMaHAa pwd (KOTopan 
pacwM^poBbiBaeTcn KaK print working directory (oro6pa3MTb 
pa6o^nn Karanor)) BbiBeAeT Ha 3KpaH Bame TeKymee 
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MecTono/iowehme b c^aPmoBoPi cMcreMe. Bame Teicymee 
MecTonono>KeHMe mo>kho n3MeHMTb c noMombK) KOMaHAbi cd Ha3Bai-Me 
AMpeKTopMM (rfle cd 03HanaeT (cMeHUTb AkipeKTopnK))). Btom c/iynae, 
ec/iM Bbi He yKa3a/iM AMpeKTopMK), KyAa xoTMTe nepePiTM, Bbi 
aBTOMaTMHeCKM BepHeTeCb B Bailiy AOMai±IHK)K) flMpeKTOpMK). Ec/im Bbi 
BBefleTe cd to Bbi BepHeTecb b npeAbiAymyK) pa6onyK) AMpeKTopMK) 
(b Ty, b KOTopoPi Bbi HaxoAM/iMCb nepeA bboaom noc/ieAHePi KOMaHAbi 
cd). PoAHTe/ibCKMPi KaTa/ior BcerAa Ha3biBaeTca .. (ABe tohkm), b to 
B peMjq KaK TeKymHPi KaTa/ior o6o3HanaeTCfl . (oahoPI tohkoPI). 
KoMaHAa Is no3BO.rmeT BaM nepevMCJiMTb coAep>KHMoe AMpeKTopMM. 
Ec/im Bbi He yi<a3biBaeTe Aono/iHMTe/ibHbix napaMeTpoB KOMaHAa Is, 
OTo6pa3MT coAep>KMMoe TeKymePi AMpeKTopMM. 

$ pwd 

/home/buxy 

$ cd Desktop 
$ pwd 

/home/buxy/Desktop 
$ cd . 

$ pwd 

/home/buxy/Desktop 
$ cd .. 

$ pwd 

/home/buxy 
$ Is 

Desktop Downloads Pictures Templates 
Documents Music Public Videos 


Bbi MO>KeTe co3AaTb HOByio AMpeKTopMK) c noMombK) KOMaHAbi nnkdir 
Hd3BdHi/ie AMpeKTopMM, a TaK>Ke yAa/iMTb cymecTByiomyK) (nycTyio) 
AMpeKTopMK) C nOMOLUbK) KOMaHAbi TITldir Ha3BahWe AMpeKTopMM. 
KoMaHAa mv no3BO/iMT BaM nepeMeiuarb m nepeMMeHOBbiBaTb c^aPi/ibi 
m AMpeKTopMM; y/ja/iMTb cjoaPi/i mo>kho c noMombK) rim Ha3Bahme 
(patina, a KormpoBaHMe cjoa Pi/ia Bbino/iHaeTCfl c noMombK) cp 
Mcxo/]Hbiti-patin peneBoti-patin. 
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$ mkdir test 




$ Is 
Desktop 

Downloads 

Pictures 

Templates 

Videos 

Documents 

Music 

Public 

test 


$ mv test 

new 




$ Is 
Desktop 

Downloads 

new 

Public 

Videos 

Documents 

Music 

Pictures 

Templates 


$ nadir new 




$ Is 
Desktop 

Downloads 

Pictures 

Templates 

Videos 

Documents 

Music 

Public 




06onoHKa Bbino/ihmeT KawAyio KOMaHAy, 3anycKaa nepByK) 
nporpaMMy c AaHHbiM MMeHeM, KOTopyK) OHa HaxoAHT b KaTa/iore, 
yKa3aHHOM b nepeMeHHOM cpeAe PATH. Maine Bcero btm nporpaMMbi 
HaxoA^Tc^ b /bin, /sbin, /usr/bin mjim /usr/sbin. HanpMMep, KOMaHAa 
Is HaxoAHTca b /bin/ls; 1/lHorAa KOMaHAa Hanp^Myio o6pa6aTbiBaeTCfi 
o6o/iohkom, m b 3tom c/iynae OHa Ha3biBaeTca BcrpoeHHoPi KOMaHAoPi 
o6o/iohkm (cpeAH hmx - cd m pwd); KOMaHAa type no3BO/iaeT 
3anpOCMTb TMn K3>KA0Pi KOMaHAbl. 

$ echo (PATH 

/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin 

$ which Is 

/bin/ls 

$ type rm 

rm is /bin/rm 

$ type cd 

cd is a shell builtin 


06paTMTe BHMMaHMe Ha ncno/ib30BaHne KOMaHAbl echo, KOTopaa 
npocTO OTo 6 pa>KaeT crpoKy b TepMMHa/ie. B ashhom c/iynae, OHa 
ncno/ib3yeTc?i A-rm BbiBOAa Ha 3KpaH coAep>KMMoro nepeMeHHoPi 
cpeAbi, t.k. 060 /iOHKa aBTOMaTHnecKM 3aMeH5qeT nepeMeHHbie c mx 
3HaHeHMfiMn nepe BbinormeHMeM KOMaHAHoPi ctpokm. 


nepeMeHHbie cpeAbi 

nepeMeHHbie cpeAbi no3BO.rmK)T xpaHMTb rno6a/ibHbie HacrpoPiKM A-rm 
o6o/iohkm m/im ApyrMX nporpaMM. Ohm jrb/ijrkdtcjr KOHTeKCTya/ibHbiMM, 
ho Hac/ieAyeMbiMM. HanpMMep, Ka>KAbiPi npouecc MMeeT cboPI 
co6cTBeHHbM Ha6op nepeMeHHbix cpeAbi (ohm AB/iaiOTCfl 
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KOHTeKCTya/ibHbiMM). 06 o/iohkm, TaKkie KaK o6o/iohkm BxoAa, MoryT 
oS'bflB.rmTb nepeMeHHbie, KOTopbie 6yAyT nepeAaHbi ApyrMM 
Mcno/iHjqeMbiM nporpaMMaM (ohm HacneAyKrrcfl). 

3tm nepeMeHHbie MoryT 6biTb onpeAe/ieHbi KaK f\r\ 9 \ cMCTeMbi 
B/etc/profile TaK m A-rm no.nb 30 BaTe.nfl b~/ .profile, ho nepeMeHHbie, 
KOTopbie He flBrmiOTCfl xapaKTepHbiMM A-rm MHTepnpeTaTopoB 
KOMaHAHoPi ctpokm, /lyniue BCTaB/ijRTb b /etc/environment, nocKO/ibKy 
3tm nepeMeHHbie 6yAyT BBeAeHbi bo Bee no/ib 30 BaTe/ibCKMe ceccMM 
6/iaroAapfl noAK/nonaeMOMy MOAy/iK) ayTeHTMcj^MKauMM (Pluggable 
Authentication Module (PAM)) - Aa>Ke ec/iM HMKaKafl 060/iOHKa He 
Bbino/iHfleTCfl. 


3.3 Qaft/iOBafl ci/icreMa 

3.3.1 CiaHAapT nepapxMM <t>aMAOBOM cucieMbi 

KaK m Apyrne AncTpM6yTMBbi Linux, Kali Linux opraHM30BaH b 
cooTBeTCTBMM co craHAapTOM Filesystem Hierarchy Standard (FHS), 
hto no3BO/ifleT nonb30BaTe/iBM Apyrnx AncTpM6yTMBOB Linux c 
nerKOCTbK) opMeHTMpoBaTbCB b Kali. FHS onpeAermeT Ha3HaneHMe 
K3>KA0M AHpeKTOpMM. flMpeKTOpMM BepXHerO ypOBHfl 0nMCblB3K)TCfl 
C/ieAyKDLUHM 06pa30M. 

/bin/ ocHOBHbie nporpaMMbi 

/boot/ flflpo Kali Linux n .qpyrue c^an/ibi, Heo6xoflHMbie f\nn ero paHHero 
npopecca 3arpy3Kn 

/dev/ c^au/ibi ycrpoucTBa 

/etc/ cpaM/ibi KOHcjDnrypaunn 

/home/ nnMHbie c^au/ibi no.nb30BaTe.neu 

/lib/ ocHOBHbie 6n6nnoTeKn 
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/media/ 

TOMKM MOHTMpOBaHMfl CbeMHbIX yCTpOMCTB (CD-ROM, USB 

HaKormTe/iM m t.a.) 

/mnt/ 

BpeMeHHbie TOMKM MOHTMpOBaHMfl 

/opt/ 

flono^HMTe/ibHbie npMJio>KeHMfl, npeflocraB/ifleMbie TpeTbMMM /i m pa mm 

/root/ 

jiMMHbie cjDaM/ibi a/jMMHMCTpaTopa (cjjaM/ibi root) 

/run/ 

HenocTOflHHbie c^aM/ibi pa6oMero npopecca, KOTopbie He coxpaHfliOTCfl 
noc/ie nepe3arpy3KM (eme He BK/ifoneHHbie b FHS) 

/sbin/ 

cMCTeMHbi nporpaMMbi 

/srv/ 

flaHHbie, ncno^b3yeMbie cepBepaMM, pacno/io>i<eHHbiMM b 3tom CMCTeMe 

/tmp/ 

BpeMeHHbie cjjaMJibi (3Ta flnpeKTopnfl Macro onycTowaeTCfl noc/ie 
nepe3arpy3Kn) 

/usr/ 

npn^o>KeHMfl (3Ta flMpeKTopMfl b fla/ibHeMweM pa3,qejifleTCfl Ha bin, sbin, 
lib cor/iacHO TaKOM we /iorm<e, mto m b flnpeKTopnM root). KpoMe toto, 
/usr/share/ co^epwaT .qaHHbie c He3aBMCMMOM apxMTeKTypoM. KaTa/ior / 
usr / local / npeflHa3HaneH p,nn ncno/ib30BaHi/m aflMMHMcrpaTopoM f\nn 
ycTaHOBKM npM/ioweHMM BpyMHyio 6e3 nepe3anncn cjjaM/iOB, 

o6pa6aTbiBaeMbix cncreMon naKeTMpoBaHMA 

/var/: 

nepeMeHHbie flaHHbie, o6pa6aTbiBaeMbie fleMOHOM. 3 to BK/iiOMaeT b ce6n 
c^an/ibi wypHa/ioB, onepeflM, Gycjjepbi m KewM. 

/proc/ n 
/sys/ 

AB/iniOTCfl xapaKTepHbiMM f\nn a^pa Linux (m He 3 bji5ikdtc5i MacTbio FHS). 
Ohm ncno/ib3yiOTCfl flflpoM f\nn 3KcnopmpoBaHMfl flaHHbix b 
no/ib30BaTe/ibCKoe npocTpaHCTBO. 


3.3.2 Aowawhmfl ^MpeKTopMfl no/ib30Baie/ifl 
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Coflep>KHMoe no/ib30BaTe/ibCKOM AnpeKTopMM He AB/iaeTCfl 
cTaHflapTH3MpoBaHHbiM, ho, TeM He MeHee, cymecTByeT HecKO/ibKO 
3acny>KHBaK)mnx BHMMaHMfl ycnoBHOCTePi. OflHa H3 hhx 3aK/iK)HaeTCfl 
b tom, hto nonb30BaTe/ibCKnPi flOMaiiiHHPi KaTa/ior nacTO 
o6o3HaHaeTCjq TM/ibAoPi ("~"). 3to oneHb no/ie3HO 3HaTb, noTOMy hto 
HHTepnpeTaTopbi KOMaHA aBTOMaTMnecKM 3aMeHAK)T TM/ibAy BepHoPi 
flnpeKTopnePi (KOTopaa HaxoAHTca b nepeMeHHoPi cpefle HOME h Hbe 
o6biHHoe 3HaHeHkie AB/ifleTca /home/user/). 

TpaflMUMOHHO c|)aPi.nbi KOHc|)Mrypai4MM npM/io>i<eHMfl nacro xpaHATca 
HenocpeACTBeHHO b BameM AOMaumeM KaTanore, ho mx MMeHa 
Ct^aPi/lOB 06 blHH 0 HaHMHaKJTCfl C TOHKM (HanpMMep, K/lkieHT 
aneKTpoHHoPi noHTbi mutt xpaHHT KOHc|)Mrypai4MK) b ~/.muttrc). 
06paTHTe BHHMaHi/ie, hto HMeHa c|)aPi.noB, HaHMHaK)mnecfl c tohkm, no 
yMO/inaHMK) cKpbiTbi; KOMaHAa Is nepenMc/iMT hx jiml ub, b tom c/iynae 
ec/iM yKa3aHa onuMA -a, a rpacj^HHecKi/ie c^aPmoBbie MeHeAwepbi 
AO/l>KHbl 6blTb flBHO HaCTpoeHbl 0 T 06 pa>KeHMfl CKpbITbIX C^aPi/lOB. 

HeKOTopbie nporpaMMbi TaK>Ke ncno/ib3yK)T HecKO/ibKO ct>aPi.noB 
KOHct>nrypauMn, opraHM30BaHHbix b oahom KaTa/iore (HanpMMep, 
~/.ssh/). HeKOTopbie npMJio>KeHMfl (HanpMMep, Be6-6pay3ep Firefox) 
Tai<>Ke Mcno/ib3yK)T cboPI KaTa/ior f\r\9\ xpaHeHMA Kema 3arpy>KeHHbix 
AaHHbix. 3 to 03HanaeT, hto btm KaTa/iorM MoryT b kohchhom MTore 
noTpe6/uqTb MHoro AHCKOBoro npocTpaHCTBa. 

3tm cjDaPinbi KOHcf)MrypauMM, KOTopbie xpaHATCfl np^MO b BamePi 
AOManmePi AnpeKTopMM, nacTO KO/ineKTMBHO Ha3biBaK)mnecfl dotfiles, 
AO/iroe BpeMa pacLUMpaiOTCfl ao TaicoPi cTeneHM, hto btm AnpeKTopMM 
MoryT 6biTb 3arpoMO>KAeHbi mmm. K cnacTbK), coBMecTHafl pa6oTa noA 
arMAoPi FreeDesktop.org npMBe/ia k co3AaHMK) cneuM^MKauMM 
6a30Boro KaTanora XDG (XDG Base Directory Specification) 
KOHBeHUMM, ue/ibK) KOTopoPi AB/ifleTCfl OHMCTKa 3tmx c|)aPinoB M 
KaTa/ioroB. B 3ToPi cneuMcf)MKauMM yKa3aH0, hto c^aPi/ibi 
KOHcf)MrypauMM AO/i>KHbi xpaHMTbca B~/.config, cj^aPinbi Kama b - 
/.cache, a cjoaPi/ibi AaHHbix npMno>KeHMn b -/.local (miim bmx cy6- 
AMpeKTopM^x). 3Ta KOHBeHUMjq nocTeneHHO Ha6MpaeT o6opoTbi. 

rpacj^MHecKMPi pa6oHMPi cto/i name Bcero Mcnonb3yeT npnbiKM A-rm 
OTo6pa>KeHMfl coAep>KMMoro KaTanora /Desktop/ (miim /iK)6oro 
Apyroro c/iOBa, KOTopoe nBnneTcn TOHHbiM nepeBOAOM ashhoto, b 
CMCTeMax, KOTopbie He Mcno/ib3yK)T aHmMPicKMPi n 3biK ). HaKOHeu, 
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CMCTeMa 3/ieKTpOHHOM nOHTbl MHOrAa XpaHMT BXOflflmMe nMCbMa B 
KaTa/iore - /Mail/. 

3.4 l1o/ie3Hbie KOMaHflbi 

3.4.1 OTo6pa>KeHMe m M3MeHeHMe TeKCTOBbix 4>aM/iOB 

KoMaHAa cat Ha3Banne patina (npeAHa3HaneHa Arm coeAHHem/m 
c^ai/moB A-rm CTaHAapTHoro ycrpoPicTBa BbiBOAa) HMTaeT c^akin m 
OT o6pa>KaeT ero coAep>KMMoe b TepMMHa/ie. Ec/im c^aPm AB/meTCA 
C/1MLUKOM 60Jlbl±IMM, HT06bl 6blTb BbIBeASHHbIM Ha 3Kp3H, Bbl MO>KeTe 
ncno/ib30BaTb neMA>Kep A-rm Toro, HTo6bi OTo6pa>KaTb ero no 
CTpaHMuaM. 

KoMaHAbi peAaKTMpoBaHMjR 3anycKaK)T TeKCTOBbiM peAaKTop (TaKOM 
Kax Vi mum Nano), KOTopbiM no3BO/meT co3AaBaTb, peAaKTMpoBaTb m 
HMT aTb TexcTOBbie c^aM/ibi. CaMbie npocTbie ct)aM/ibi MoryT 6biTb MHorAa 
co3AaHbi npjRMO M3 MHTepnpeTaTopa KOMaHA 6/iaroAapfl 
nepeHanpaBneHMfiM: KOMaHAa command >file co3AacT c^aM/i c 
MMeHeM file , KOTopbiM 6yAeT coAepwaTb BbiBOA ashhom KOMaHAbi. 
KoMaHAa command >>file CAenaeT npaKTMHecKM to >Ke caMoe KpoMe 
Toro, HTO OHa npMCOeAHH5qeT BbiBOA KOMaHAbl BMeCTO Toro, HT06bl 
nepe3anMCbiBaTb ero. 

$ echo "Kali rules!" > kali-rules.txt 
$ cat kali-rules.txt 

Kali rules! 

$ echo "Kali is the best!" » kali-rules.txt 
$ cat kali-rules.txt 

Kali rules! 

Kali is the best! 


3.4.2 riOMCK C|)aMAOB M AaHHbIX BHyTpM Cj)aMAOB 

KoMaHAa find Kpnrepnti AnpeKTopnn MmeT c^aM/ibi b MepapxMM noA 
anpeKTOpi/ieti B COOTBeTCTBMM C HeCKO/lbKMMM KpMTepMfIMM. CaMbIM 
Macro Mcno/ib3yeMbiM KpMTepMM 3 to -name mmsi (patina, KOTopbiM 
no3BO/meT MCKaTb c^aPm no ero mmchm. Bbi Ta K>Ke MO>KeTe 
Mcno/ib30BaTb o6mne noAcraHOBOHHbie 3H3 km, TaKMe Kax «*» b 
noMcxe MMeHM cjDaM/ia. 
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$ find /etc -name hosts 

/etc/hosts 

/etc/avahi/hosts 

$ find /etc -name "hosts*" 

/etc/hosts 

/etc/hosts.allow 

/etc/hosts.deny 

/etc/avahi/hosts 


KoMaHAa grep Bbipawehwe (fiannoB Bbino/ihmeT noi/icK coAep>KMMoro 
cjDaM/iOB i/i M3B/ieKaeT ctpokm, cooTBeTCTByiOLUMe pery/iapHOMy 
Bbipa>KeHMK). flo6aB/ieHne napaMeTpa -r no3BormeT peKypcMBHbiM 
noi/icK no BceM c^ai/maM, HaxoAflLUHMca b KaTa/iore. 3to no3BO.rmeT 
BaM MCKaTb dpawn, KorAa Bbi 3HaeTe TO/ibKO nacTb ero coAep>KMMoro. 


3.4.3 YnpaBAeHMe npou,eccaMM 

KoMaHAa ps aux nepeni/icrmeT npoueccbi, KOTopbie b AaHHbiM MOMeHT 
3anymeHbi b cMcreMe m noMoraeT MASHTMcjDMUMpoBaTb mx, noKa3biBaa 
mx PID. Kai< TO/ibKO Bbi y3HaeTe PID npouecca, KOMaHAa kill -signal 
pid no3BO/ifleT BaM OTnpaBMTb cMTHa/i (ec/iM Bbi AB/iaeTecb 
BnaAenbueM npouecca). CymecTByeT HecKO/ibKO cMma/iOB; caMbiMM 
Macro Mcno/ib3yeMbiMM AB/iaiOTCfl TERM (3anpoc Ha npeicpameHMe 
npouecca) m KILL (npMHyAMTe/ibHoe 3aBepmeHMe). 

1/lHTepnpeTaTop KOMaHA MO>KeT TaK>Ke 3anycKaTb nporpaMMbi b 
4)ohobom pe>KMMe, ec/iM 3a kom3haom c/ieAyeT «&». l/lcno/ib3yfl 
aMnepcaHA, Bbi HeMeA-neHHO B0306H0B/iaeTe ynpaB/ieHMe o6ojiohkom, 
Aa>xe ec/iM KOMaHAa Bee eiue pa6oTaeT (HaxoAHTca b cpbiTOM pe>KMMe 
b KanecTBe c^OHOBoro npouecca). KoMaHAa jobs nepeHMc/iaeT 
npoueccbi, 3anymeHHbie b c^ohobom pe>KMMe; ec/iM 3anycTMTb fg 
%job-number (fg 03HanaeT npnopnreTHbin (foreground)), to 3aAana 
6yAeT BoenpMHMMaTbefl KaK npMopMTeTHaa. KorAa KOMaHAa 
3anyci<aeTCfl KaK npMopMTeTHaa (0Ha Moma 6biTb 3anymeHa KaK b 
HOpMa/lbHOM pe>KMMe, TaK M B03BpameHa K npMOpMTeTHblM C nOMOLAbK) 
KOMaHAbi fg), KOM6MHauM?i K/iaBMLLi Control+Z npMOCTaHaB/iMBaeT 
npouecc M B03BpamaeT KOHTpO/lb HaA KOMaHAHOM CTpOKOM. npouecc 
3aTeM MO>KeT 6biTb nepe3anymeH b c^ohobom pe>KMMe c noMOLUbio 
KOMaHAa bg % job-number { bg 03HanaeT <£oHOBbiM {background)). 
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3.4.4 YnpaB/ieHMe npaBaMM 

Linux aBnaeTca MHorononb30BaTenbCKoPi cMcreMOM, TaK hto b HePi 
Heo6xoflMMO npeAOCTaBHTb cMcreMy pa3pei±ieHMPi Ana ynpaBneHMa 
Ha6opoM pa3peiiieHHbix onepauMPi HaA cj^aPinaMM m KaTanoraMM, 
KOTopbie BKnK)HaK)T b ce6a Bee cMcreMHbie pecypcbi m ycTpoPicTBa (b 
CMCTeMe Unix nK)6oe ycTpoPicTBO npeACTaBneHO c^aPinoM i/mu 
KaTanoroM). flaHHbiPi npMHUMn aBnaeTca o6luhm A-na Bcex Unix 
noAo6Hbix ci/icTeM. 

Ka>KAbiPi cj^aPin MnM AHpeKTopua o6naAaeT oco6biMM npaBaMM AOCTyna 
Ana Tpex KaTeropnPi nonb30BaTenePi: 

• Ero BnaAeneq (o6o3HaHaeTca 6yKBoPi u, KaK b cnoBe user); 

• Tpynna, BnaAeioman mm (o6o3HaHaeTca 6yKBoPi g, KaK b cnoBe 
group), npeACTaBnaeT Bcex nneHOB rpynnbi; 

• flpyme (o6o3HaaaeTca 6yKBoPi o, KaK b cnoBe other) 

• TpM Tuna npaB MoryT 6biTb oSteAMHeubi: 

• flna HTeHMa (o6o3HanaeTca 6yKBoPi r, KaK b cnoBe read); 

• Ana 3anMCbiBaHMa (MnM peAaKTMpoBaHMa, o6o3HanaeTcn 6yKBoPi w, 
KaK b cnoBe write); 

• Ana BbinonHeHMa (o6o3HaaaeTca 6yKBoPi x, KaK b cnoBe execute). 

B cnyaae c c^aPinoM AeMCTBMe btmx npaB oneHb noHaTo: AOCTyn A-nfl 
HTeHMa no3BonaeT HMTaTb coAsp>KMMoe c^aPina (BKmonaa 
KonMpoBaHMe), AOCTyn A-na 3anMCM no3BonaeT ero M3MeHMTb, a 
AOCTyn A-nfl BbinonHeHMa no3BonaeT 3anycTMTb ero (hto 6yAeT 
pa6oTaTb TonbKO b tom cnynae, ecnM cjoaPin aBnaeTca nporpaMMOM). 


HcnonuneMbie 4>an/ibi setuid v\ setgid 

flBa KOHKpeTHbix npaBa OTHOcaTca k McnonHaeMbiM c^aPinaM: setuid m 
setgid (o6o3HanaK)Tca 6yKBoPi «s»). 06paTMTe BHMMaHMe, hto Mbi 
nacTO roBopMM o 6MTax, TaK KaK Ka>KAoe M3 btmx norMnecKMx 
3HaneHMPi MO>KeT 6biTb npeACTaBneHO HyneM MnM eAHHMqePi. 3 tm ABa 
npaBa no3BonaK)T nio6oMy nonb30BaTenK) BbinonHaTb nporpaMMy c 
npaBaMM BnaAenbua MnM rpynnbi, cooTBeTCTBeHHO. 3 tot MexaHM3M 
npeAOCTaBnaeT AOCTyn k c^yHKUMaM, Tpe6yiomnM 6onee BbicoKMx 
pa3pemeHMPi, neM Te, KOTopbie Bbi o6biHHO MMenM. 
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nocKO/ibicy KopHeBafl nporpaMMa setuid cMcreMaTMHecKM 3anycKaeTcn 
noA MASHTM(|)MKaTopoM cynepnonb30BaTenn, oneHb b3>kho 
o6ecneHMTb ee HaAe>KHOCTb m 6e3onacHOCTb. /lK)6oMy nonb30BaTenK), 
KOTopbM cMO>KeT HapyuiMTb pa6oTy KopHeBOM nporpaMMbi setuid A-rm 
Bbi30Ba KOMaHAbi no cBoeMy Bbi6opy, MO>KeT 3aTeM BbicTynaTb b pone 
nonb30BaTenn root m MMeTb Bee Heo6xoAHMbie npaBa b CMCTeMe. 
neHTecrepbi perynnpHO nmyT cjoan/ibi TaKoro Tuna, KorAa ohm 
nonynaKDT AOCTyn k CMCTeMe m Mcnonb3yK)T ero Ann Toro, HTo6bi 
pacniMpMTb cbom npaBa AOCTyna. 


flMpeKTopMM o6pa6aTbiBaK)Tcn MHane, neM c^aPinbi. flocryn k HTeHMK) 
AaeT npaBO 03HaK0MMTbcn co cnMCKOM ee coAep>KMMoro (cj^ai/inoB m 
KaTanoroB); AOCTyn Ann 3anMCM no3BonneT co3AaBaTb v \ nv \ yAannTb 
c(3aMnbi; m AOCTyn A-rm BbinonHeHMn no3BonneT nepexoAHTb nepe3 
AMpeKTopMK) Ann nonyneHMn AOCTyna k ero coAep>KMMOMy (HanpMMep, 
c noMombK) KOMaHAbi cd). Bo3MO>KHOCTb nepexoAHTb nepe3 
AMpeKTopMK), He \AMen bo3mo>khoctm HMTaTb ee, AaeT nonb30BaTenK) 
npaBO AOCTyna k 3anMcnM b AHpeKTopnnx, KOTopbie M3BecTHbi no 
MMeHM, ho He A-rm mx noMCKa, He 3Han mx tohhoto mmchm. 


Be3onacHOCTb 

flupeKTopum setgid m sticky bit 

setgid bit Tax>xe npMMeHneTcn k AHpeKTopnnM. J1 k)6oh 3aHOBO 

C03AaHHblM ObteKT B nOA 06 HblX AHpeKTOpMflX aBTOMaTMHeCKM 
Ha3HanaeT rpynny BnaAenbqa poAHTenbcxoro KaTanora, a He 
HacneAyeT ocHOBHyio rpynny co3AaTenn, xax o6bNHO. l/l3-3a 3Toro 
BaM He Hy>KHO MeHATb ocHOBHyio rpynny (c noMombK) KOMaHAbi 
newgrp) npM pa6oTe b AepeBe cjDannoB, coBMecTHO Mcnonb3yeMOM 
HecKonbKMMM nonb30BaTennMM oahoh m tom >xe BbiAeneHHOH rpynnbi. 

The sticky bit (o6o3HaHaeTcn 6yKBOH "t") nBnnercn pa3peweHMeM, 
KOTopoe AOBonbHO none3HO b AnpexTopnax. Oho oco6eHHO none3HO 
Ann Mcnonb30BaHMn bo BpeMeHHbix AnpexTopnax, rAe y Bcex ecTb 
AOCTyn Ha 3anMCb (HanpMMep, /tmp/): oho orpaHMHMBaeT yAaneHMe 
cf)aMnoB t3kmm o6pa30M, hto TonbKO mx BnaAeneu MnM BnaAeneu 
poAHTenbCKoro KaTanora MO>xeT mx yAanMTb. B npoTMBHOM cnynae Bee 
nonb30BaTenM MornM 6bi yAannTb cjoakinbi ApyrMx nonb30BaTenen b 
/tm /. 
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Tpi/i KOMaHAbi ynpaB/iaiOT pa3pei±ieHHflMH, cBA3aHHbiMH c c^aPi/iOM: 
• chown nonb30BaTe/ibCKMM pan/i MenmeT B/iaAe/ibua patina 


COBET l/l3MeHeHiie no/ib30BaTe/in m rpynnbi 

flOBonbHO nacTO Bbi xoTMTe M3MeHMTb rpynny c^aPi/ia 
OAHOBpeMeHHO c M3MeHeHneM ero BnaAe/ibqa. KoMaHAa chown 
06/iaAaeT oco6biM cHHTaKcncoM A-rm noAo6Hbix 3aAan: chown user: 
group file 


• chgrp (pawn rpynnbi i/i3MehmeT B/iaAe/ibua rpynnbi 

• chmod pan/i npaB H3MeHfleT npaBa AOCTyna k cjoan/iy 

CymecTByeT Aea cnoco6a o6o3HaneHHfl npaB. CpeAn hhx, 
CMMBO/iMHecKoe o6o3HaHeHMe, no>Ka.nyPi, nsnnejcn caMbiM npocTbiM 
Arm noHMMaHM^ h 3anoMHHaHMfl. Oho BK/nonaeT b ce6a 6yKBbi y>Ke 
ynoM^HyTbie Bbime. Bbi MO>KeTe onpeAe/mTb npaBa Arm Ka>KAoPi H3 
KaTeropnPi nonb30BaTenePi (u/g/o), c noMombio ncno/ib30BaHHjR 
(3HaKa =) npn6aBneHMfi (+) h/ih BbiHHTaHHfl (-). TaKHM o6pa30M, 
c|)opMyna u = rwx,g+rw,o-r AaeT B/iaAenbuy npaBa Ha HTeHHe, 3anncb 
h Bbino/iHeHHe, npeAOcraB/meT B/iaAenbuaM rpynn npaBa Ha HTeHHe 
h 3anncb, a TaK>Ke /imuaeT npaB Ha HTeHHe Apyrnx nonb30BaTenePi. 
npaBa, b KOTopbix He 6bmn BHeceHbi n3MeHeHna Ao6aB/ieHHeM h/ih 
BbNMTaHMeM C nOMOLUbK) nOA06HOH KOMaHAbi TaKOM KOMaHAe, 
ocTaiOTCjR HeM3MeHeHHbiMn. EyKBa a Ann Bcex oxBaTbiBaeT Bee Tpn 
KaTeropnn nonb30BaTenePi, TaK hto a - rx npeAOCTaB/meT BceM TpeM 
KaTeropi/mM OAHHaKOBbie npaBa (HTeHHe h BbinormeHne, ho He 
3anncb). 

BocbMepHHHoe h/ih HHcnoBoe o6o3HaHeHne cBA3biBaeT Ka>KAoe npaBO 
c onpeAeneHHoPi Be/iHHHHOH: 4 Ann HTeHi/m, 2 Arm 3anncn h 1 Arm 
Bbino/iHeHHe. Mbi cBA3biBaeM Ka>KAyK) KOM6nHaunK) npaB c cyMMoPi 
Tpex unc^p, cneAOBaTe/ibHO, onpeAeneHHoe 3HaneHne npncBaHBaeTca 
Ka>KAoPi KaTeropnn no/ib30BaTe/iePi b o6bNHOM nop^AKe (BnaAe/ieq, 
rpynna, ApyrHe). 

HanpHMep, KOMaHAa chmod 754 Ha3BaHne panna ycraHOBHT 
c/ieAyK>mne npaBa: HTeHHe, 3anncb h BbinormeHne Arm B/iaAe/ibqa 
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(t.k. 7 = 4 + 2 + 1); HTem/ie m BbinormeHHfl A-rm rpynnbi (t.k. 5 = 4 
+ 1); npaBa TO/ibKO Ha HTeHi/ie Ann Apyrux. UMcjDpa 0 03HanaeT, hto 
K aTeropi/m He 06/iaAaeT hi/hokhmm npaBaMi/i; t3kmm o6pa30M, chmod 
754 h d3 b d hm e cpanna AaeT npaBa Ha HTeHi/ie m 3anncb B/iaAe/ibuy 
m HMKOMy 6o/ibiiie. CaMoPi pacnpocTpaHeHHOM KOM6nHaunePi npaB 
nsnnejcn 755 A-rm Mcno/iHaeMbix c^aPinoB m AnpeKTopm/i m 644 A-rm 

C|3aMJ10B ASHHblX. 

HTo6bi o6o3HaHMTb cneuna/ibHbie npaBa, Bbi MO>KeTe npi/mncaTb 
neTBepTyK) UMcJ^py 3T0My HOMepy b cootb6tctbhh c TeM >xe 
npi/iHui/moM, rAe 6nTbi setuid, setgid m sticky paBHbi 4, 2 m 1 
cooTBeTCTBeHHO. KoMaHAa chmod 4754 cBflweT 6 mt setuid c paHee 
onMcaHHbiMM npaBaMM. 

06paTMTe BHMM3HHe, HTO MCn0/lb30BaHMe BOCbMepMHHOM 3anMCM 
no3BO/ijReT BaM cpa3y ycraHaB/iMBaTb Bee npaBa Ha c^aPi/i; Bbi He 
MO>KeTe ncno/ib30BaTb ero A-n^ Ao6aB/ieHi/m hoboto npaBa, TaKoro KaK 
AOCTyn A-n^ htchma A-rm B/iaAe/ibua rpynnbi, nocKO/ibicy Bbi AO/i>KHbi 
yHMTbiBaTb cymecTByK)mne npaBa m BbiHMC/iflTb HOBoe 
cooTBeTCTByiomee Hi/ic/iOBoe 3HaneHi/ie. 

BocbMepMHHoe o6o3HaHeHi/ie Taioxe i/icno/ib3yeTCfl c kom3haom 
umask, KOTopaa i/icno/ib3yeTCfl A-nfl orpaHMneHi/m npaB Ha HeAaBHO 
co3AaHHbie c^aPinbi. KorAa npi/mo>KeHi/ie co3AaeT c^aPi/i, oho 
H a3HanaeT HHAHKaTMBHbie npaBa AOCTyna, 3Ha n, hto ci/icreMa 
aBTOMaTMHecKM yAa/iaeT npaBa, onpeAeneHHbie c noMombio umask. 
BBeAHTe umask b o6onoHKe; Bbi yBHAHTe cneAyromyK) MacKy 0022. 
3 to npocTO BoebMepHHHoe o6o3HaHeHMe npaB Ha cMCTeMaTi/inecKoe 
yAaneHi/ie (b btom cnynae npaBa Ha 3anncb A-rm rpynnbi m ApyrHx 
no/ib30BaTe/ieM). 

Ec/ii/i Bbi AaAHTe eMy HOBoe BOCbMepi/iHHoe 3HaneHne, KOMaHAa umask 
M3MeHMT MacKy. Hcno/ib3yeMbiM b c^aPi/ie Hana/ibHOi/i i/iHm4i/ia.ni/i3ai4i/m 
o6o/iohkh (HanpMMep, ~/.bash_profile), oh acj^eKTMBHO M3MeHfleT 
MacKy no yMonnaHHK) Ann BaniHX pa6oni/ix cecci/m. 


COBET PeKypcMBHan onepaunn 
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1/lHorAa HaM npMxoAHTCfl MeHATb npaBa A-rm Bcero AepeBa cj^aM/iOB. 
Bee BbinienpuBeAeHHbie KOMaHAbi MMeiOT onuMio -R A-ns pexypcMBHOM 
pa6oTbi b cy6-AnpeKTopnjRx. 

Pa3/iMHne Me>KAy xaTa/ioraMM m cJ^aPi/iaMM mnorAa Bbi3biBaeT 
npo6/ieMbi c noBTopHbiMM onepauMAMM. Bot noneMy 6yKBa «X» 6bma 
BBeASHa b cMMBO/iMHecKOM o6o3HaneHMM npaB. OHa npeACTaB/ij^eT 
co 6 om npaBO Ha Bbino/iHeHMe, KOTopoe npMMeHaeTCfl TO/ibKO k 
K aTa/ioraM (a He k (^ai/maM, He MMeiOLUMM 3Toro npaBa). TaKi/iM 
o6pa30M, KOMaHAa chmod -R a+X Ha3BaHne a^PGktopmm 6yAeT 
Ao6aB/i?iTb mnbKO npaBa Ha BbinormeHMe Ann Bcex KaTeropnPi 
no/ib30BaTe/iePi (a) A-n^ Bcex cy6-AnpeKTopnM n c^aPi/iOB, b KOTopbix 
xota 6bi OAHa KaTeropna no/ib30BaTe/iePi (Aawe ec/in ohm flBrmiOTCfl 
eAMHO/iMHHbiMM B/iaAe/ibuaMM) y>Ke 06/iaAaeT npaBaMM Ha 
Bbino/iHeHMe. 


3.4.5 lloAyHeHMe cucieMHOM MH(|)opMaLJ 1 MM m >KypHaAOB 

KoMaHAa free OTo6pa>KaeT MHcjDopMaqMK) o naMjRTM; disk free (df) 
coo6maeT BaM o cbo6oahom npocTpaHCTBe Ha k3>kaom Ancxe, 
KOTOpbIM CMOHTMpOBaH B (^aM/lOBOM CMCTeMe. OnpMfl A9HH0M KOMaHAbi 
-h (vMTaeMafi Ann ^enoaeKa ) npeo6pa3yeT pa3Mepbi b 6o/iee 
pa36opHMByK) eAHHMuy (o6bNHO mebibytes mjim gibibytes). 
noAo6HbiM o6pa30M KOMaHAa free noAAsp>KMBaeT -m m -g onuMM m 
OTo6pa>KaeT mx AaHHbie KaK b mebibytes, Tax m b gibibytes 
COOTBeTCTBeHHO. 


$ free 


Mem: 

Swap: 

$ df 


total 

2052944 

0 


used 

661232 

e 


free 

621208 

0 


shared buff/cache available 

10520 770504 1359916 


Filesystem 


lK-blocks Used Available Use% Mounted on 

1014584 0 1014584 0% /dev 

205296 8940 196356 5% /run 


udev 

tmpfs 


/dev/vdal 


30830588 11168116 18073328 39% / 

1026472 456 1026016 1% /dev/shm 


tmpfs 

tmpfs 

tmpfs 

tmpfs 

tmpfs 


1026472 0 1026472 0% /sys/fs/egroup 

205296 36 205260 1% /run/user/132 

205296 24 205272 1% /run/user/0 


5120 0 5120 0% /run/lock 
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KoMaHAa id OTo6pa>KaeT /iMHHOCTb no/ib30BaTe/ifl Bbino/ii-mK)mero 
ceaHc, a TaK>Ke cnncoK rpynn, k KOTopbiM oh npnHaA-ne>KHT. T.k. 
AOCTyn K HeKOTOpbIM C^aPi/iaM M/1M yCTpOMCTB3M MO>KeT 6blTb 
orpaHHneH unn nneHOB rpynnbi, TaK hto npoBepKa AOCTyn hoctm 
nneHCTBa b rpynnax MO>KeT 6biTb no/ie3Ha. 


$ id 

uid=1000(buxy) gid=1000(buxy) groups=1000(buxy),27(sudo) 


KoMaHAa uname -a B 03 BpamaeT OAHHOHHyio crpoKy, b KOTopoPi 
3 anncaHbi mma napa (Linux), mm n xocTa, BbinycK aa pa, BepcMfl aa pa, 
TMn ManiMHbi (cTpoKa apxMTeKTypbi, TaKaa KaK x 86 _ 64 ), m mma 
onepauMOHHOM cMCTeMbi (GN U / Linux). BbiBOA 3 tom KOMaHAbi 
06blHH0 AO/l>KeH BK/lKDHaTbCfl B OTHeTbl 06 OLUM6KaX, TaK KaK OH HeTKO 
onpeAermeT Mcno/ib 3 yeMoe napo m annapaTHyK) nnaTcf)opMy, Ha 
kotopom Bbi pa6oTaeTe. 

$ uname -a 

Linux kali 4.9.0-kali3-amd64 #1 SMP Debian 4.9.18-lkalil (2017-04-04) x86_64 GNU/Linux 


Bee 3TM KOMaHAbi npeAOCTaB/lflKDT MHCf)OpMaUMK) 0 BpeMeHM 
MCnO/lHeHMjq, HO AOBO/lbHO HaCTO BaM Hy>KHO 06paTMTbCfl K >KypHanaM, 
HTo6bi noHJiTb, hto npoMcxoAn.no Ha BameM KOMnbKDTepe. B 
H3CTH0CTM, J^APO OTnpaB/lfleT C006meHMjq, KOTOpbie OHO XpaHMT B 
KonbueBOM 6y<£epe BCflKMPi pa3, KorAa npoMcxoAHT hto-to 
MHTepecHoe (HanpMMep, BCTaB/iaeMoe HOBoe USB-ycrpoPicTBO, 
HeyAanHaa pa6oTa Ha >KecTKOM AHCKe m/im nepBOHana/ibHoe 
o6Hapy>KeHMe annapaTHoro o6ecneneHMfl npn 3arpy3Ke). Bbi MO>KeTe 
no/iyHMTb >KypHanbi ^Apa c noMombK) KOMaHAbi dmesg. 

>KypHa/i Systemd Tao<e xpaHMT HecKO/ibKO >KypHa/iOB (stdout/stderr 
BbiBOAbi ASMOHa, syslog coo6meHMfl, >KypHa/ibi flApa) m ynpomaeT mx 
3anpoc c noMombK) journalctl. Be3 KaKMx-/iM6o apryMeHTOB oh npocTO 
BbicTpaMBaeT Bee AOCTynHbie >KypHa/ibi b xpoHO/iorMnecKOM nop^AKe. 
C napaMeTpoM -r oh M3MeHMT nop^AOK, HTo6bi cHana/ia OTo6pa>Ka/iMCb 
HOBbie coo6meHMfl. C napaMeTpoM -f oh 6yAeT HenpepbiBHO nenaTaTb 
HOBbie 3anMCM >KypHa/ia, nocKO/ibKy ohm Ao6aB/iflK)TCfl b ero 6a3y 
AaHHbix. flapaMeTp -u MO>KeT orpaHMHMBaTb coo6meHMfl TeMM, 
KOTOpbie McnycKaiOTCJi onpeAe/ieHHbiM MOAy-neM systemd (HanpMMep: 
journalctl -u ssh.service). 
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3.4.6 06Hapy>KeHMe o6opyA,OBaHMfl 


flAPO 3KcnopTnpyeT MHO>KecTBO AeTa/iePi 06 o6Hapy>KeHHOM 
o6opyAOBaHnn nepe3 BMpTya/ibHbie c^aPmoBbie cucreMbi /proc/ and 
/sys/. HeCKO/lbKO MHCTpyMeHTOB CyMMMpyKDT 3TM AGTa/lM. CpeAH hmx 
Ispci (b naKeTe pciutils ) nepeni/icrmeT PCI ycrpoPicTBa, Isusb (b 
naKeTe usbutils ) nepenMcrmeT USB ycrpoPicTBa, m Ispcmcia (b naKeTe 
pcmciautils) nepeHMcnaeT PCMCIA KapTbi. 3tm i/iHcrpyMeHTbi 
flB/iflK)TCfl oneHb no/ie3HbiMM A-n^ onpeAe/ieHMA KOHKpeTHOM MOAe/in 
ycTpoPicTBa. 3Ta i/iAeHTi/icbMKa 141/m TaK>Ke no3BO/meT npoBOAHTb 6o/iee 
KOHKpeTHbie nOMCKM B 1/lHTepHeTe, HTO B CBOK) OHepeAb, npMBOAHT K 
Haxo>KASHMK) 6o/iee noAxoA^mux AOKyMeHTOB. 06paTi/iTe BHMMam/ie, 
hto naKeTbi pciutils i/i usbutils flB/mKmm ywe ycTaHOB/ieHHbiMi/i Ha 
6a30BoPi cMCTeMe Kali, b to BpeMA KaK pcmciautils AO/i>KeH 6biTb 
ycTaHOB/ieH c noMombK) apt install pcmciautils. Mbi BbiAe/iMM 6o/ibiiie 
BpeMeHM Ha paccMOTpeHi/ie ycTaHOBKM naKeTOB i/i mx ynpaB/ieHi/iK) b 
noc/ieAyKDLuePi r/iaBe. 

ripiiMep 3.1 ilpuMep M-HpopMauMM, npeflOCTaBJieHHoti Ispci m Isusb 

$ Ispci 

[...] 

66:02.1 Display controller: Intel Corporation Mobile 915GM/GHS/916GML Express Graphics Controller (rev 83) 
66:1c.6 PCI bridge: Intel Corporation 82861FB/FBM/FR/FW/FRW (ICH6 Family) PCI Express Port 1 (rev 63) 

66:Id.6 USB Controller: Intel Corporation 82881FB/FBM/FR/FW/FRW (ICH6 Family) USB UHCI #1 (rev 63) 

[...] 

61:66.6 Ethernet controller: Broadcom Corporation NetXtreme BCM5751 Gigabit Ethernet PCI Express (rev 61) 
62:63.6 Network controller: Intel Corporation PRO/Wireless 2266BG Network Connection (rev 65) 

S Isusb 

Bus 665 Device 664: ID 413c:a885 Dell Computer Corp. 

Bus 665 Device 668: ID 413c:9661 Dell Computer Corp. 

Bus 665 Device 667: ID 645e:66dd Microsoft Corp. 

Bus 665 Device 666: ID 646d:c63d Logitech, Inc. 

[...] 

Bus 662 Device 664: ID 413c:8163 Dell Computer Corp. Wireless 356 Bluetooth 


3tm nporpaMMbi MMeKDT onui/iK) -v, KOTopaa coAep>KMT ropa3AO 6onee 
noApo6HyK) (ho o6biHHO HeHy>KHyK)) HHcjDopMauHK). HaKOHeq, 
KOMaHAa Isdev (b naKeTe procinfo ) nepeHi/ic/meT pecypcbi cba3i/i, 
ncno/ib3yeMbie ycrpoi/icTBaMi/i. 

ilporpaMMa Ishw npeACTaB/meT co6oi/i KOM6i/maui/iK) yKa3aHHbix Bbime 
nporpaMM i/i OTo6pa>KaeT noAPo6Hoe onncaHi/ie annapaTHoro 
o6ecneHeHMfi, o6Hapy>KeHHoro b i/iepapxi/inecKOM nop^AKe. Bbi 
Heo6xoAHMO npnK/iaAbiBaTb no/iHbm BbiBOA ashhom KOMaHAbi k 
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/iK)6oMy OTneTy o npo6/ieMax c noAAep>KKon annapaTHoro 
o6ecneneH ns. 


3.5 rioABeAeM morn 

B 3tom pa3Ae/ie Mbi npoBenn 6ernbin o63op MacLUTa6Horo /iaHALuact)Ta 
Linux. Mbi o6cyAnnn npocTpaHCTBO aa pa n nonb30BaTenn, 
paccMOTpe/iM MHorne pacnpocTpaHeHHbie KOMaHAbi o6onoHKn Linux, 
o6cyAnnn npoueccbi n cnoco6bi nx ynpaBneHnn, paccMOTpe/in 
KOHqenuMH 6e3onacHOCTM nonb30BaTenen n rpynn, o6cyAnnn FHS n 
o6cyAn/in HeKOTopbie H3 Han6onee pacnpocTpaHeHHbix AnpeKTopnn h 
c^annoB, HanAeHHbix b Kali Linux. 

CyMMi/ipyeM Bee ynoMAHyToe: 

• Linux Macro ncnonb3yeTcn A-rm o6o3HaHeHnn Been onepaunoHHon 
cncTeMbi, ho Ha caMOM Aene Linux nBnneTcn aapom onepaMnoHHon 
cncTeMbi, KOTopoe 3anycKaeTcn 3arpy3HHKOM, KOTopbin, b cbokd 
onepeAb, caM 3anycKaeTcn BIOS / UEFI. 

• no/ib30BaTenbCKoe npocTpaHCTBO othochtca ko BceMy, hto 
nponcxoAnT 3a npeAenaMn RApa. CpeAn nporpaMM, pa6oTaK>mnx b 
no/ib30BaTe/ibCKOM npocTpaHCTBe, ecTb MHoro ocHOBHbix ymnnT n3 
npoeKTa GNU, 6o/ibiiinHCTBO H3 KOTopbix npeAHa3HaneHO f\r\9\ 
3anycKa M3 KOMaHAHon ctpokm (TeKCTOBbin HHTepcJoeHC, KOTopbin 
no3BonneT BBOAnTb KOMaHAbi, Bbino/iHfiTb nx n npocMaTpnBaTb 
pe3y/ibTaTbi). 06onoHKa BbinonHneT Banin KOMaHAbi b btom 
HHT epc|3ence. 

• CnncoK caMbix Macro ncno/ib3yeMbix KOMaHA BK/iionaeT b ce6n: pwd 
(0T06pa3HTb pa6onyK) AnpeKTopnio (print working directory)), cd 
(cMeHHTb AnpeKTopnio (change directory)), Is (nepennc/inTb 
coAep>KnMoe A^peKTopnn (list file or directory contents)), mkdir 
(co3AaTb AnpeKTopnio (make directory)), rmdir (yAa/inTb 
AnpeKTopnio (remove directory)), mv, rm, and cp (nepeMecrnTb 
(move), yAa/inTb (remove), nnn cKonnpoBaTb (copy) cj^ann nnn 
AnpeKTopnio cooTBeTCTBeHHo), cat (cBA3aTb nnn noKa3aTb cj^ann), 
less/more (noKa3biBaTb cj^annbi no OAHon cTpaHnue 3a pa3), editor 
(3anycTnTb TeKCTOBbin peAaKTop), find (noKa3aTb MecTonono>KeHne 
cfianna nnn AnpeKTopnn), free (0T06pa3nTb nHc^opMaunio o 
naM^Tn), df (noKa3aTb cBo6oAHoe npocTpaHCTBO Ha AncKe), id 
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(0T06pa3MTb /iMHHOCTb no.nb30BaTe.nfl BMecTe co cnucKOM rpynn, k 
KOT opbiM oh npnHaA-ne>KMT), dmesg (npocMOTpeTb >KypHan AApa), 
m journalctl (noKa3aTb Bee AOCTynHbie >KypHa/ibi). 

• Bbi MO>KeTe npoBepMTb annapaTHoe o6ecneneHMe b cMcreMe Kali 
HecKO/ibKMMM KOMaHAaMM: Ispci (cnncoK PCI yCTpOMCTB), Isusb 
(cnncoK USB HaKonHTenePi) h Ispcmcia nepenMc/ifleT KapTbi 
PCMCIA. 

• npouecc AB/ifleTCA pa6oHMM 3K3eMn/iflpoM nporpaMMbi, KOTopbiPi 
Tpe6yeT onpeAe/ieHHbiPi obteM naMATM, KaK Ann xpaHeHMA caMoPi 
nporpaMMbi, TaK h Ann ee onepaTMBHbix AaHHbix. Bbi MO>xeTe 
ynpaB/iATb npoueccaMH c noMombK) TaK mx KOMaHA KaK: ps 
(noKa3aTb npoueccbi), kill (3aBepmnTb npoueccbi), bg (oTnpaBHTb 
npOMeCC B Cf)OHOBblM pe>KHM), fg (BbIBeCTM npouecc M3 Cj^OHOBOrO 
pe>KHMa Ha nepeAHMPi n/iaH), h jobs (noKa3aTb Bee c|}OHOBbie 
npoueccbi). 

• CncTeMbi, ocHOBaHHbie Ha Unix, ab/ia^tca 

MHorono/ib30BaTe/ibCKHMn. Ohm noAAep>KMBaK)T mhokcctbo 
no/ib30BaTe/ieM m rpynn, a TaK>Ke no3BO/iAK)T no/iynMTb KOHTpo/ib 
HaA agmctbmamm Ha ocHOBe npaB AOCTyna. Bbi MO>KeTe ynpaB/iATb 
npaBaMM c^aPi/ia m ah peKTopMM c noMombK) HecKO/ibKMx KOMaHA, 
BK/iKDHasi: chmod (M3MeHMTb npaBa AOCTyna), chown (M3MeHMTb 
BnaAe/ibua), chgrp (cMeHMTb rpynny). 

• KaK m Bee Apyrne npocjDeccMOHa/ibHbie AncTpM6yTMBbi Linux, Kali 
LinUX 0praHM30B3H T3KMM 06pa30M, HT 06 bl COOTBeTCTBOBaTb 
CTaHAapTy MepapxMM c^aPmoBoPi cMCTeMbi (FHS) (Filesystem 
Hierarchy Standard (FHS)), hto b cbokd onepeAb no3BO/ifleT 
no/ib30BaTe/iAM, npMLueAU-iHM M3 Apyrnx AncTpM6yTMBOB Linux, c 
zierKOCTbK) HanaTb pa6oTaTb c Kali. 

• TpaAHUMOHHO, KOHcf)MrypauMM npM/io>KeHMM xpaHATCA b BaweM 
AOManmePi AnpeKTopMM b cKpbiTbix cj^aPmax v\nv\ AnpeKTopMAx, 
H33BaHMA KOTOpbIX HaHMHaiOTCfl TOHKM. 

Tenepb, KorAa Bbi 03HaK0MM/iMCb c ocHOBaMM Linux, AaBaPiTe 

nepePiAeM k ycTaHOBKe m 3anycKy Kali Linux. 
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HacTb 4: YcraHOBKa Kali Linux 


CoflepwaHne: 

4.1 MMHHMa/ibHbie ci/icTeMHbie Tpe6oBaHi/m 

4.2 noLuaroBaa ycTaHOBKa Ha wecTKMM auck 

4.3 ABTOMaTHHecKkie ycraHOBKi/i 

4.4 ARM ycTaHOBKM 

4.5 YcTpaHeHMe Heno/iaAOK bo BpeMA ycraHOBKi/i 

4.6 lloABeAeM nTorn 

K/ifoneBbie c/iOBa maBbi: 

• YcraHOBKa 

• ABTOMaTMHeCKaJR 

• ycTaHOBKa ARM ycrpoPicTB 

• YcTpaHeHMe HenonaAOK 
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B 3tom rnaBe Mbi noflpo6HO paccMOTpMM npoqecc ycTaHOBKM Kali 
Linux. CHana/ia, Mbi o6cyflMM MMHMMa/ibHbie CMCTeMHbie Tpe6oBahmfl 
(pa3Ae/i 4.1, «MMHMMa/ibHbie CMCTeMHbie Tpe6oBam/m» [cTp. 66]) a/ijr 
T oro, HTo6bi y6eAHTbc?i b tom, hto Bama pea/ibHaa m/im BMpTya/ibHaa 
ManiMHa cooTBeTCTByeT Heo6xoAHMbiM Tpe6oBaHMaM m HacTpoeHa 
AO/i>KHbiM o6pa30M Ann npoBeAeHMA Bbi6paHHoro BaMi/i npoqecca 
ycTaHOBKM. fla/iee Mbi npoMAeMca mar 3a maroM no Ka>KAOMy 3Tany 
npoqecca ycTaHOBKM (pa3Ae/i 4.2, «nomaroBaa ycTaHOBKa Ha 

>KeCTKMM AHCK» [CTp. 66]) H3HMHafl C 06 blHH 0 M yCTaHOBKM M 
3aKaHHMBaa 6onee 6e3onacHbiMM npoqeccaMM MHCTa/irmuMM, KOTopbie 
BKJIKDHaKDT B Ce6fl nO/lHOCTbK) 3aLUMCj}pOBaHHyK) CjDaMnOByK) CMCTeMy. 
Mbi TaK>Ke o6cyAHM npecM/iMHr, KOTopbiPi Ae/iaeT AOcrynHOM 
aBTOMaTMHecKyK) ycTaHOBKy (pa3Aen 4.3, "ABTOMaTMnecKMe 
ycTaHOBKM" [cTp. 91]) nyTeM npeAOCTaB/ieHMA npeAonpeAe/ieHHbix 
OTBeTOB Ha Bonpocbi npM ycTaHOBKe. TaK>Ke Mbi noKa>KeM BaM, KaK 
ycTaHOBMTb Kali Linux Ha pa3/iMHHbie ARM ycrpoi/icTBa (pa3Ae/i 
4.4,"ARM YcTaHOBKM" [cTp. 94]), hto b cbokd onepeAb pacwMpfleT 
bo3mo>khoctm Kali Aa/ieKO 3a npeAe/ibi pa6onero cTO/ia. I/I HaKOHeu, 
Mbi npoASMOHCTpMpyeM BaM, hto Heo6xoAHMO AenaTb b Tex peAKMx 
cnynafix c6on ycTaHOBKM (pa3Aen 4.5, "YcrpaHeHMe HenonaAOK bo 
BpeMa ycTaHOBKM" [CTp. 95]), T3KMM 06pa30M, HTO Bbl C JierKOCTbK) 
CMO>KeTe pemMTb npo6neMy m ycnemHO 3aBepmMTb npouecc 
MHCTan/l?U4MM. 


4.1 MklHMMa/IbHbie CMCTeMHbie TpeSOBaHMfl 

Tpe6oBaHM?i k ycTaHOBKe Ann Kali Linux pa3/iMHaK)TCfl b 33bmcmmoctm 
ottoto, HTo6bi Bbi xoTe/iM ycTaHOBMTb. B KanecTBe hm>khcm rpaHMUbi, 
Bbi MO>KeTe ycTaHOBMTb b BMAe ceBepa Secure Shell (SSH) 6e3 
pa6onero CTona, Mcno/ib3ya Bcero 128 MB 03Y (peKOMeHAyeTca 512 
MB 03Y) m 2 T6 auckoboto npocTpaHCTBa. Ec/im BaM Heo6xoAHMO 
npoM3BecTM ycTaHOBKy Kali Linux c lumpokmmm cjDyHKUMOHa/ibHbiMM 
bo3mo>khoct?imm, HanpMMep, co cpeAOM pa6onero CTona no 
yMonnaHMK) GNOME m MeTa-naKeTOM kali-linux-full, to BaM 
noHaAo6MTCfl KaK MMHMMyM k 2048 MB 03Y m 20 l~6 AUCKOBoro 
npocTpaHCTBa. 
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noMMMO Tpe6oBaHHM k 03Y v\ wecTKOMy AncKy, Bam KOMnbKrrep 
AO/i>KeH HMeTb npoueccop, noAAep>Ki/iBaeMbii/i xota 6bi oahom m 3 
apxi/iTeKTyp amd64, i386, armel, armhf i/irm arm64. 


4.2 noLuaroBan ycTaHOBKa Kali Linux Ha wecTKMM amck 

B ashhom pa3Aene Mbi mcxoahm m3 Toro, hto y Bac y>Ke ecTb 
3arpy30HHbM USB HaKonnTe/ib v\nv\ DVD (cmotpm pa3Ae/i 2.1.4 
"KonnpoBaHne o6pa3a Ha DVD-ROM m/im USB HaKoni/iTe/ib" [cTp. 19] 
A.rm no/iyneHi/m AeTa/ibHoPi nHc(3opMauMM o tom, KaK noAroTOBMTb 
3arpy30HHbiPi HaKoni/iTe/ib) m hto Bbi 3arpy>KaeTecb c Hero f\nn Hana/ia 
npouecca ycTaHOBKM. 


4.2.1 06biHHafl ycTaHOBKa 

CHanana, Mbi paccMOTpi/iM cTaHAapTHyK) ycTaHOBKy Kali c 
He3amM(f)pOBaHHOM Cj^aM/lOBOM CMCTeMOM. 

3arpy3Ka m 3anycK ycraHOBiuMKa 

KaicmribKO BIOS HaHHeT 3arpy3Ky c USB HaKoni/rre/ifl mjim DVD-ROM, 
noBBMTCjR MeHK) 3arpy3Kn linux, KaK bto noKa3aHO Ha pnoyHKe 4.1 
«3KpaH 3arpy3Kn» [cTp. 67]. Ha btom 3Tane, rapo Linux eiue He 
3arpy>KeHo; bto MeHK) no3BO/ifleT BaM Bbi6paTb Heo6xoAHMoe bapo 
A-n^ 3arpy3KM h BBecm AononHMTe/ibHbie napaMeTpbi, KOTopbie 6yAyT 
nepeAaHbi eMy b npouecce. 

Ann cTaHAapTHOM ycraHOBKi/i BaM noHaAo6i/iTCfl TO/ibKO Bbi6paTb 
Install mjim Graphical Install (c noMombK) K/iaBMi±i cTpenoneK Ha 
K/iaBi/iaType), 3aTeM Ha>KaTb K/iaBMLuy Enter HTo6bi HanaTb 
ocTaBmyKDCB nacTb npoqecca ycTaHOBKM. 

Ka>KAa?i no3MUMfl MeHK) cKpbiBaeT onpeAe/ieHHyK) KOMaHAHyK) CTpoKy 
3arpy3KM, KOTopaa MO>KeT 6biTb HacTpoeHa b c/iynae Heo6xoAHMOCTM 
nyTeM HawaTMA K/iaBMLUM Tab ao noATBep>KAeHMfl bboas m 3arpy3KM. 
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KALI 


you are able to hear” 



Boot menu 


Live (amd64) 

Live (amd64 failsafe) 

Live (forensic mode) 

Live USB Persistence 

Live USB Encrypted Persistence 
InstalI 

(check kali.org/prst) 
(check kali.org/prst) 


■ 

Install with speech synthesis 
Advanced options 

> 


PucyHOK 4.1 3/cpan 3arpy3KM 


noc/ie 3arpy3Ki/i, nporpaMMa ycraHOBKi/i npoBeAeT Bac mar 3a maroM 
nepe3 Becb npoqecc. Mbi paccMOTpMM KawAbM 1/13 btmx maroB 6o/iee 
AeTanbHO. Mbi 3aTpoHeM ycTaHOBKy co CTaHAapTHoro DVD-ROM Kali 
Linux, Tax KaK ycraHOBKa M3 mini.iso MO>KeT BbirrmAeTb HecKO/ibKO 
uHane. Mbi TaK>xe o6paTi/iMCfl k rpacj^MHecKOMy pe>KMMy ycraHOBKi/i, ho 
eAUHCTBeHHblM 0T/1MHM6M AaHHOTO pe>Ki/iMa OT K/iaCCl/NeCKOrO 
TeKCTOBOrO pe>KHMa ycTaHOBKM flBJlfleTCfl BHemHMM BHA- 


B BepcMJix 3aAaK)TCfl OAHHaKOBbie Bonpocbi m npeACTaB/ieHbi 
OAHHaKOBbie onuMM. 


Kax noKa3aHO Ha pi/icyHKe 4.2, «Bbi6npaeM fl3biK» [cTp. 68], 
nporpaMMa ycraHOBKH cTapTyeT Ha aHrnm/icKOM ?i3biKe no 
yMO/inaHHK), ho nepBbiu mar no3BO/iaeT BaM Bbi6paTb t\3b\K, KOTopbiPi 
6yAeT ncno/ib30BaTbCfi ao KOHua ycraHOBKi/i. 3 tot Bbi6op fl3bii<a 
TaK>Ke ncno/ib3yeTCjq A-rm onpeAe/ieHi/m fl3biKa no yMO/inaHmo Ha 
noc/ieAyiomux BTanax (b HacTHOcm, pacK/iaAKM K/iaBi/iaTypbi). 
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HaBMrauiifl c noMombio K/iaBiiaTypbi 

HeKOTopbie warn b npouecce ycraHOBKi/i Tpe6yK)T BBOfla 
MHCj^OpMaMMM. 3 TM BKpaHbl MM6K)T HeCKO/lbKO 06/iaCTePi, KOTOpbie 
MoryT 06/iaAaTb c^OKycoM bboas AaHHbix (06/iacTb bboas TeiccTa, 
c| 3 /ia>KKM, cnucoK BapnaHTOB, KHoriKi/i «OK» m «OTMeHa»), a KnaBMiiia 
«Tab» no3BO/iaeT nepexoAHTb ot OAHoro <t)OKyca k ApyroMy. B 
rpac^MHecKOM pe>KMMe ycTaHOBKM Bbi mo>k6T6 ncno/ib 30 BaTb Mbinib KaK 
o6bNHO Ha ycTaHOB/ieHHOM rpa<t>MHecKOM pa6oneM cTO/ie. 



Select a language 


Choose the language to be used for the installation process. The selected language will also be the 
default language for the installed system. 

Language: 


Chinese (Simplified) 


**(»*) 

a 

Chinese (Traditional) 


mam 


Croatian 


Hrvatskl 


Czech 


Ceitina 


Danish 


Dansk 


Dutch 


Nederlands 


Dzongkha 




■ English 

- 

English 


Esperanto 


Esperanto 


Estonian 


Eesti 


Finnish 


Suomi 


French 


Francais 


Galician 


Galego 


Georgian 




German 


Deutsch 


r.raatr 


Cll nuiM h 

3 


Screenshot Go Back Continue 


Pmc. 4.2 Bbi6op fl3biKa 


Bbi6op CTpaHbi 

Btopom mar (Pi/icyHOK 4.3, "Bbi6npaeM CTpaHy" [cTp. 69]) coctoht b 
tom, HTo6bi Bbi6paTb Baniy CTpaHy. B coneTaHHM c fl3biKOM 3Ta 
MHcjDopMauMfl no3BO/iaeT nporpaMMe ycTaHOBKM npeA-naraTb Han6o/iee 
noAxoA^myK) pacK/iaAKy K/iaBi/iaTypbi. 3to Taioxe noB/iM^eT Ha 
HacTpoMKy nacoBoro noaca. B CoeAHHeHHbix UlTaTax npeA-naraeTCfl 
craHAapTHafl K/iaBnaTypa QWERTY, h ycTaHOBLUHK npeACTaBrmeT 
Bbi6op noAxoA?nAnx nacoBbix noacoB. 
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Select your location 


The selected location will be used to set your time zone and also for example to help select the system 
locale. Normally this should be the country where you live. 

This is a shortlist of locations based on the language you selected. Choose other" if your location is not 
listed. 

Country, territory or area. 

Hong Kong 
India 
Ireland 
Israel 

New Zealand 
Nigeria 
Philippines 
Singapore 
South Africa 
United Kingdom 


United States 


Zambia 

Zimbabwe 

other 

Screenshot Go Back ~| | Contlny | 

PncyHOK 4.3 Bbi6npaeM CTpaHy 


Bbi6op pacK/iaflKM K/iaBMaTypbi 

l~lpeA.no>KeHHafl pacic/iaAKa K/iaBnaTypbi aMepmcaHCKoro aHrni/mcKoro 
cooTBeTCTByeT o6bNHOM pacK/iaAKe QWERTY, KaK noKa3aHO Ha 
PkicyHKe 4.4, "Bbi6op pacK/iaAKM K/iaBHaTypbi" [cTp. 70]. 



Configure the keyboard 


Keymap to use: 



Screenshot Go Back Continue 

PncyHOK 4.4 Bbi6op pacKna/]KM 
K/iaBMarypbi 
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06Hapy>KeHMe o6opyflOBaHkm 

B noflaB/i^KDineM 6o/ibi±iHHCTBe c/iynaeB mar annapaTHoro 
06 Hapy>KeHM^ nO/lHOCTbK) aBTOMaTH3HpOBaH. YcTaHOBLUHK 
o6Hapy>KHBaeT Bame o6opyflOBaHne h nbiTaeTca nAeHTMc^nuMpoBaTb 
3arpy30HHoe ycrpoPicTBO, ncno/ib3yeMoe f\nn Aocryna k ero KOHTeHTy. 
Oh 3arpy>KaeT MOAynn, cooTBeTCTByK)iune pa3/iHHHbiM 
o6Hapy>KeHHbiM annapaTHbiM KOMnoHeHTaM, a 3aTeM MOHTi/ipyeT 
3arpy30HHoe ycrpoPicTBO ixnn ero HTeHi/m. llpeAbiAyiUHe marH 
nonHOCTbK) coAepwaTCfl b 3arpy30HH0M o6pa3e, BK/iLOHaa 
3arpy30HHoe ycrpoPicTBO, dpawn orpaHHneHHoro pa3Mepa, a Tai<>Ke 
3arpy>KaK)TCfl b naMATb c noMOiubK) Hana/ibHoro 3arpy3HHKa b momcht 
nonyHeHHjq AaHHbix c 3arpy30HHoro ycrpoPicTBa. 

3arpy3Ka KOMnomeHTOB 

Tenepb, KorAa coAep>KHMoe 3arpy30HHoro ycrpoPicTBa AOCTynHO, 
ycTaHOBLUHK 3arpy>KaeT Bee c|)aPi.nbi, Heo6xoAHMbie f\nn npoAO/i>KeHHfl 
CBoePi pa6oTbi. Ckdas bxoa^t Aono/iHHTe/ibHbie ApaPiBepa Ann 
ocraBLuerocfl o6opyAOBaHHfl (oco6eHHO ceTeBoPi KapTbi), a TaK>xe Bee 
KOMnoHeHTbi nporpaMMbi ycTaHOBKH. Ha btom 3Tane, ycTaHOBLUHK 
nonpo6yeT aBTOMaTHnecKH onpeAe/iHTb ceTeByK) KapTy h 3arpy3MTb 
cooTBeTCTByK)LunPi MOAynb. Ec/ih aBTOMaTHnecKoe onpeAe/ieHHe He 
yAacrca, to Bbi cMO>KeTe nonpo6oBaTb 3arpy3MTb Heo6xoAHMbiPi 
MOAynb BpyHHyK). Ec/ih >Ke h a/ibTepHaTHBHbie cnoco6bi 3aBepmnnncb 
HeyAanePi, Bbi MO>KeTe 3arpy3HTb onpeAe/ieHHbiPi MOAy/ib co cbeMHoro 
ycrpoPicTBa. K noc/ieAHeMy cnoco6y cne/xyej npn6eraTb jiHLUb b 
c/iynae, KorAa Hy>KHbiPi ApaPiBep He bk/ilohch b craHAapTHoe aa po 
Linux, ho AOCTyneH b ApyroM MecTe, KaK, HanpHMep, Ha caPiTe 
npon3BOAHTena. 

3tot mar AO/i>KeH 6biTb a6co/iK)THO ycnemHbiM Ann ceTeBbix 
ycTaHOBOK (HanpHMep, A-ns Tex, KOTopbie 6bi/iH 3arpy>KeHbi c 
mini.iso), TaK KaK naKeTbi Debian AO/i>KHbi 6biTb 3arpy>KeHbi H3 ceTH. 

HacTpoMKa cem 

Ann Toro HTo6bi MaKCHMa/ibHO aBTOMaTH3npoBaTb npouecc, 
ycTaHOBLUHK npo6yeT aBTOMaTHnecKH HacTpoHTb ycTaHOBKH ceTH 
Hcnonb3yji AHHaMHnecKHH npoTOKon HacTpoHKH xocTa (dynamic host 
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configuration protocol (DHCP)) (A-rm IPv4 i/i IPv6) m ICMPv6's 
N eighbor Discovery Protocol (A.rm IPv6), KaK noKa3aHO Ha pi/icyHKe 
4.5, «ABTOMaTMHecKaa HacrpoMKa ceTM» [page 71]. 



PiicyHOK 4.5 ABTOMaTwecKax 
HacrpoMKa cerM 

Ec/ii/i aBTOMaTHnecKaa HacTpoPiKa He yAanacb, nporpaMMa ycraHOBKi/i 
npeA/io>KMT BaM 6o/ibi±ie BapnaHTOB: HanpHMep, noBTopi/iTb nonbiTKy 
c HopMa/ibHoPi KOHcjDMrypauMeM DHCP, nonpo6oBaTb HacTpoMTb DHCP, 
yKa3aB mma ManiMHbi m/im ycraHOBi/iTb cTaTHHecKi/ie ceTeBbie 
HaCTpOMKM. 

3Ta noc/ieAHflfl onui/m Tpe6yeT IP-aApec, Macicy noAceTH, IP-aApec 
A-n^ noTeHMManbHoro Lu/iK)3a, mma ManiMHbi m hmji AOMeHa. 


KoHcpurypauriq 6e3 DHCP 

Ec/im /lOKa/ibHaa ceTb o6opyAOBaHa cepBepoM DHCP, KOTopbm Bbi He 
xoTMTe ncno/ib30BaTb, nocKO/ibicy npeAnoHMTaeTe onpeAe/iflTb 
CTaTMHecKMM IP-aApec A-rm Mai±ii/iHbi bo BpeMA ycraHOBKi/i, Bbi MO>KeTe 
Ao6aBHTb napaMeTp netcfg / use_dhcp = false npi/i 3arpy3Ke. BaM 
npOCTO Hy>KHO OTpeASKTHpOBaTb Hy>KHyK) n03MUMK) MeHKD, H3>KaB 
K/iaBHLuy Tab h Ao6aBHB >Ke/iaeMyK> onqMK), npe>KAe, neM Ha>KMMaTb 
K/iaBMiiiy Enter. 


KopHeBOM napo/ib 
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YcTaHOBLUMK 3anpawi/iBaeT napo/ib (pi/icyHOK 4.6, «KopHeBOM 
napo/ib» [cTp. 72]), nocKO/ibKy oh aBTOMaTHnecKM co3AaeT 
cynepno/ib30BaTe/ibCKyK) yneTHyK) 3anncb root. YcTaHOBLUHK TaK>Ke 
3anpaniMBaeT noATBep>KA6HMe naporm, HTo6bi npeAOTBpaTi/iTb /iK)6yK) 
OLun6Ky BBOAa, KOTopyK) Bnoc/ieACTBMM 6yAeT oneHb TpyAHO 
yCTpaHHTb. 



Set up users and passwords 


You need to set a password for root', the system administrative account. A malicious or unqualified user 
with root access can have disastrous results, so you should take care to choose a root password that is 
not easy to guess. It should not be a word found in dictionaries, or a word that could be easily 
associated with you. 

A good password will contain a mixture of letters, numbers and punctuation and should be changed at 
regular intervals. 

The root user should not have an empty password. If you leave this empty, the root account will be 
disabled and the system's initial user account will be given the power to become root using the ' sudo 
command. 

Note that you will not be able to see the password as you type it. 

Root password: 

□ Show Password in Clear 

Please enter the same root password again to verify that you have typed it correctly. 

Re-enter password to verify: 

| 

G Show Password in Clear 


Screenshot Go Back I Continue 


Pmc. 4.6 flapo/ib root 


napo/ib aflMMHMCTpaTopa 

napo/ib no/ib30BaTe/ia rootAO/i>KeH 6biTb A-nnHHbiM (BOceMb cmmbo/iob 
mjii/i Aa>Ke 6o/ibiue) m yHmca/ibHbiM, nocKO/ibKy 3/ioyMbiLu/ieHHi/iKi/i, 
aTaicyfl KOMnbKrrepbi m cepBepbi, noAK/iK)HeHHbie k 1/lHTepHeTy, 
ncnonb3yK)T aBTOMaTM3npoBaHHbie 1/mcTpyMeHTbi, KOTopbie nbuaKrrcfl 
bomtm b cMCTeMy, ncnojib3yjR caMbie oneBMAHbie m o6menpnHflTbie 
napo/ii/i. 1/lHorAa 3/ioyMbiLuneHHMKM ncno/ib3yK)T aTaicy nepe6op no 
c/iOBapK) (dictionary attack), cyTb KOTopoPi 3aK/iK>HaeTc?i b nepe6ope 
MHO>KecTBa K0M6nHaunM c/iOB m HMce/i b KanecTBe napo/ia. Mbl 
HacTOflTe/ibHO He peKOMeHAyeM BaM ncno/ib30BaTb i/iMeHa AeTen i/i/im 
poAHTe/iePi, a Tai<>Ke ahm pokaghma Bam mx 6/im3kmx, noTOMy hto 
noAo6Horo poAa napo/in, BcerAa noA6npaK)TCfl c oco6oPi /lericocTbK). 
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3tm 3aMeHaHkm oamh3kobo npMMeHMMbi k ApyrMM napormM 
no/ib30BaTe/iePi, ho noc/ieACTBMfl B3/iOMa o6biHHoPi yneTHoPi 3anncn 
MeHee kpmtmhhh A-rm no/ib30BaTe/iePi, He MMeiOLUMx npaB 
aAMMHMCTpaTopa. 

Ec/im >Ke Bbi nepe>KMBaeTe TBopnecKMM Kpn3nc m 3aTpyAH?ieTecb 
npMAyMaTb yHMKa/ibHbiPi napo/ib, to, a6co/iK)THO He 3aAyMbiBaacb, 
ncno/ib3yPiTe reHepaTop napo/iePi, TaKoPi KaK pwgen (ero mo>kho 
H3MTM B naKeTe C T3KMM >Ke MMeHeM, KOTOpblPi BK/IKDHeH B 6a30ByK) 
ycTaHOBKy Kali). 


HacTpoMKa nacoB 

Ec/im ceTb nBnnejcn AOCTynHoPi, BHyTpeHHMe nacbi cMCTeMbi 6yAyT 
o6HOBneHbi M3 cepBepa ceTeBoro npoTOKO/ia BpeMeHM (network time 
protocol (NTP) server). 3to AB/iaeTCfl oneHb no/ie3HbiM, noTOMy hto 
rapaHTMpyeT, hto OTMeTKM BpeMeHM b >KypHa/iax 6yAyT KoppeKTHbiMM 
c nepBoPi 3arpy3KM. 

Ec/im Bama cTpaHa oxBaTbiBaeT HecKO/ibKO nacoBbix noacoB, Bac 
nonpoc^T Bbi6paTb nacoBoPi noac, KOTopbiPi Bbi xoTMTe Mcno/ib30BaTb, 
Kax 3 to noKa3aHO Ha pncyHKe 4.7, «Bbi6op nacoBoro noaca» [page 
73]. 



Configure the clock 


If the desired time zone is not listed, then please go back to the step 'Choose language" and select a 
country that uses the desired time zone (the country where you live or are located). 

Select your time zone: 



Screenshot Go Back | Continue 

Pmc. 4.7 Bbi6op nacoBoro noflca 
OnpeAe/ieHMe amckob m Apyrnx ycrpoPicTB 
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3tot mar aBTOMaTMHecKM onpeAe/ifleT wecncMe auckm, Ha KOTopbix 
MO>KeT 6biTb ycraHOB/ieH Kali, KawAbiM H3 KOTopbix 6yfleT 
npeflCTaB/ieH b c/ieflyK)ineM ware: BbiAeneHi/ie pa3Ae/iOB. 

Bbifle/ienne pa3fle/iOB 

Bbi/jeneHue pa3^enoB fjBnnejcn Heo6xoAMMbiM maroM b npouecce 
ycTaHOBKM, KOTopbM coctoht b tom, HTo6bi pa3Ae/iMTb AOCTynHoe 
MecTO Ha wecTKOM AHCKe Ha OTAe/ibHbie Haem (pa3Aenbi) b 
cooTBeTCTBHH c npeAno/iaraeMoPi c|}yHKi4MeM KOMnbKrrepa h btmx 
pa3Ae/iOB. BbiAe/ieHkie pa3Ae/iOB Ta K>Ke BK/iK)HaeT b ce6n 
onpeAe/ieHMe tom c^aM/iOBd/i CMcreMbi, KOTopyK) 6yAeT Mcno/ib30BaTb 
3 tot pa3Ae/i. CAe/iaHHbiM BaMM Bbi6op 6yAeT HMeTb orpoMHoe 
B/iMAHMe Ha npon3BOAHTe/ibHOCTb, 6e3onacHOCTb AaHHbix h 
ynpaBneHHe cepBepoM. 

LLIar, cBA3aHHbiM c BbiAe/ieHkieM pa3Ae/iOB, o6biHHO AB/iaeTCfl 
AOBO/ibHO c/io>KHbiM p,nn HOBbix no/ib30BaTejieM. OAHaKO cjDaM/iOBbie 
ci/icTeMbi h pa3Ae/ibi Linux, BK/iK)Hafl BHpTya/ibHyK) naMATb (m/im 
pa3Ae/ibi nomauKu), AO/i>KHbi 6biTb onpeAe/ieHbi, nocKO/ibicy ohm 
o6pa3yK)T cj^yHAaMeHT cMCTeMbi. 3Ta 3aAana MO>KeT 6biTb yc/io>KHeHa, 
ec/iM Bbi y>Ke ycTaHOBM/iM ApyryK) onepauMOHHyK) cMCTeMy Ha Bamy 
MaLUMHy, M Bbl XOTMTe, HT 06 bl 3TM ABe CMCTeMa COBMeCTHO 
cocymecTBOBa/iM. B btom c/iynae Bbi AO/i>KHbi 6biTb yBepeHbi, hto He 
M3MeHMTe cbom pa3Ae/ibi m/im, ec/iM noTpe6yeTCfl, M3MeHMTe mx 
pa3Mep 6e3 HaHeceHMA KaKoro-/iM6o BpeAa mx coAep>KMMOMy. 

Ann Mcno/ib30BaHM^ 6o/iee o6meM (m npocToPi) cxeMbi pa3Ae/ieHMfl, 
6onbiiiMHCTBO no/ib30BaTe/ieM npeAnoHTyT ynpaBrweMbw (Guided) 
pe>KMM, KOTOpbIM CMO>KeT nOpeKOMeHAOBaTb BaM KOHCf)Mrypai4MK) 
pa3Ae/iOB m npeAOCTaBMTb coBeTbi OTHOCMTe/ibHO Ka>KAoro mara 
AaHHoro npouecca. Bo/iee npoABMHyTbie no/ib30BaTe/iM, cKopee 
Bcero, npeAnoHTyT Mcno/ib30BaTb pe>KMM PyuHoti HacrpouKu, KOTopbiPi 
no3BO/ifleT Mcno/ib30BaTb 6o/iee pacniMpeHHbie KOHcjmrypauMM. 
KawAbiM pe>KMM MMeeT onpeAe/ieHHbie bo3mo>khoctm. 
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Partition disks 

the installer can guide you through partitioning a disk (using different standard schemes) o t. if you 
prefer, you can do it manually. With guided partitioning you will still have a chance later to review and 
customise the results. 

If you choose guided partitioning for an entire disk, you will next be asked which disk should be used. 

PartrtxxwTg method. 



Screenshot Go Back Continue 

Pmcyhok4.8 Bbi6op pe>KMMa pa3/ieneHMx 

YnpaB/meMoe pa3fleneHne 

llepBbiM 3KpaH b MHCTpyMeHTe pa3AeneHi/m (pi/icyHOK 4.8, «Bbi6op 
pe>KMMa pa3Ae/ieHM5q») npeACTaBrmeT o6mee oni/icam/ie A-rm 
ynpaBrmeMoro m pyHHoro pe>KMMOB pa3Ae/iem/m. "YnpaB.rmeMbiM - 
ncnonb30BaTb qe/ibrn auck" ("Guided - use entire disk") AB/iaeTCfl 
caMoPi npocToPi m caMoPi pacnpocTpaHem-ioi/i cxeMoPi pa3Ae/iOB, 
KOTopajR BbiAermeT Becb auck A-rm Kali Linux. 

C/ieAyKDLUne ABa Bapi/iaHTa ncno/ib3yK)T Logical Volume Manager 
(LVM) A-TIfl HaCTpOMKM /10rHHeCKMX (BMeCTO C|}H3MHeCKMX) Bbl6opOHHO 
3anii/ict3poBaHHbix pa3Ae/iOB. Mbi o6cyAHM LVM 1/1 LUMcJ}poBai-me 
HeMHoro no3>Ke b 3tom rnaBe. 

I/I HaKOHeq, noc/ieAHMM BapHaHT 3anycKaeT pe>KMM npouecca 
pa3AeJiem/m BpyHHyio, KOTopbii/i no3BormeT ncno/ib30BaTb 6o/iee 
4)yHKu,M0Ha/ibHyK) cxeMy pa3Ae/iem/m, KaK HanpuMep, ycraHOBi/iTb 
Kali Linux Hap^Ay c ApyrnMi/i onepaui/iom-ibiMi/i cMCTeMaMM. Mbi 
o6cyAHM pyHHoPi pe>KMM b cneAyKDLueM pa3Ae/ie. 

B 3tom npMMepe, Mbi 6yAeM BbiAermTb Becb auck A-rm Kali, hto 
03HanaeT, hto Mbi Bbi6parm "Guided - use entire disk" A-rm nepexoAa 
k cneAyKDmeMy niary. 
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CneAyKDLUMM 3KpaH (noKa3aHHbm Ha pi/icyHKe 4.9 «/}mck, 

ncnonb3yeMbiM a/ijr ynpaB/iaeMoro pa3Ae/ieHMfl» [page 75]) 
n03B0/lfieT BaM Bbl6paTb AUCK, Ha KOTOpblM Bbl XOTl/ITe yCTaHOBHTb, 
nyTeM Bbi6opa cooTBeTCTByK>mero nyHKTa (HanpMMep, "Virtual disk 1 
(vda) - 32.2 GB Virtio Block Device"), noc/ie Bbi6opa, ynpaB/iaeMoe 
pa3Ae/ieHne npoAO/i>KMTCfl. Ha btom 3Tane Bee AaHHbie Ha Ancice 
6yAyT 6e3B03BpaTH0 crepTbi, TaK hto noAxoAHTe k npoqeccy Bbi6opa 
c yMOM. 



Partition disks 


Note that all data on the disk you select will be erased, but not before you have confirmed that you 
really want to make the changes. 

Select disk to partition: 



Screenshot Go Back | [ Continue J 


PiicyHOK 4.9 Amck, Mcnonb3yeMbiM /j/ifi ynpaB/izeMoro pa3/ienei-wfi 

fla/iee, i/mcTpyMeHT ynpaB/iaeMoro pa3Ae/ieHMfl npeA-no>KMT 3 MeTOAa 
pa3AeneHi/m, KOTopbie cooTBeTCTByKDT pa3/iMHHbiM cxeMaM 
pa3Ae/ieHna, KaK noKa3aHO Ha pucyHice 4.10, «ynpaBrmeMoe 
pacnpeAeneHMe pa3Ae/iOB» [cTp. 76]. 
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Partition disks 

Selected for partitioning: 

Virtual disk 1 (vda) - Vlrtlo Block Device: 32.2 GB 

The disk can be partitioned using one of several different schemes. If you are unsure, choose the first 
one. 

Partttromng schemer 



Screenshot Go Back Continue 

PucyHOK 4.10 ynpaBrweMoe pacnpe^eneHi^e pa3Ae/iOB 

nepBbiM MeTOfl Ha3biBaeTCfl «Bce c^an/ibi b oahom pa3Ae/ie» ("All files 
in one partition."). Bee AepeBO cMCTeMbi Linux xpaHMTca b oahom 
c^aM/iOBOM cMCTeMe, cooTBeTCTByiomeM KopHeBOMy KaTa/iory («/»). 
3Ta npocTaa m HaA6>KHafl cxeMa pa3Ae/ieHMfl ot/imhho pa6oTaeT unn 
nepcoHa/ibHbix mjim OAHononb30BaTe/ibCKnx cucTeM. HecMOTpa Ha 
Ha3BaHi/ie, Ha caMOM Aene 6yAyT co3AaHbi Aea pa3Ae/ia: b nepBOM 
6yAeT pa3MemeHa normal cMCTeMa, bo btopom - BMpTya/ibHaa naMATb 
(i/mi/i "swap"). 

Btopom MeTOA «OTAe/ibHoe /home/ pa3Ae/ieHne» («Separate /home/ 
partition») AB-rmeTca aHa/iorMHHbiM, ho oh pa3Ae/ifleT MepapxMK) 
c^aM/iOB Ha ABe Hacn/i: oahh pa3Aen coAep>KMT CMCTeMy Linux (/), a 
btopom coAep>KHT «AOMai±iHMe KaTanorn» (hto 03HanaeT AaHHbie 
no/ib30BaTejifl, b c^aM/iax m noAKaTanorax AOCTynHbi noA /home/). 
Oaho H3 npei/iMymecTB 3Toro MeTOAa 3aKnK)HaeTCfl b tom, hto BaM 
6yAeT nerKO coxpaHMTb AaHHbie no.nb30BaTe.neM, ec/iM BaM Hy>KHO 
nepeycTaHOBMTb CMCTeMy. 

I/I HaKOHeu, noc/ieAHHki mctoa pa3Ae/ieHMfl, noA Ha3BaHneM 
«OTAe/ibHoe /home, /var, m /tmp pa3Ae/ieHne» ("Separate /home, 
/var, and /tmp partitions,") oneHb xopomo noAxoAHT A-rm cepBepoB m 
MHorono/ib30BaTe/ibCKnx cmctcm. Oh Ae/iMT AepeBO cjoan/iOB Ha 
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MHOwecTBO pa3Ae/iOB: noMMMO pa3Ae/iOB root (/) m yneTHbix 3annceM 
no/ib30BaTeneM (/ home /), oh Tai<>Ke i/iMeeT pa3Ae/ibi A-rm AaHHbix 
nporpaMMHoro o6ecneHeHi/m cepBepa (/ var /) m BpeMeHHbix cj^aM/iOB 
(/ tmp /). Oaho m 3 npeMMymecTB 3Toro MeTOAa 3aK/iK)HaeTCfl b tom, 
hto KOHenHbie no/ib30BaTe/iM He MoryT 6/iOKMpoBaTb cepBep, 
noTpe6rmfl Bee AOCTynHoe npocTpaHCTBO Ha wecTKOM AncKe (ohm 
M oryT 3ano/iHflTb TO/ibKO / tmp / m / home /).B to >Ke BpeMA AaHHbie 
ASMOHa (oco6eHHO >KypHa/ibi) 6o/ibiiie He MoryT 3a6MBaTb ocTa/ibHyK) 
HaCTb CMCTeMbl. 

noc/ie Bbi6opa TMna pa3Ae/ia ycTaHOBLUMK npeACTaBMT BaM cBOAKy 
BaniMx Bbi6opoB Ha 3KpaHe b bmas KapTbi pa3Ae/iOB (pMcyHOK 4.11, 
«npoBepKa pa36MeHMA Ha pa3Ae/ibi» [cTp. 77]). Bbi MO>KeTe 
OTpeAaKTMpoBaTb «a>KAbiM pa3Ae/i no OTAe/ibHOCTM nyTeM Bbi6opoM 
Heo6xoAMMoro pa3Ae/ia. HanpMMep, Bbi MO>KeTe cMeHMTb (JjaM/iOByK) 
CMCTeMy, Mcno/ib3yeMyK) pa3Ae/iOM, ec/iM craHAapTHaa (ext4) BaM He 
noAxoAMT. OAHaico, b 6o/ibi±iMHCTBe npeA-naraeMoe pa3AeneHMe 
AB/iaeTCfl pa3yMHbiM, m Bbi MO>xeTe npMHATb ero, Bbi6paB «3aBepniMTb 
pa36MeHMe Ha pa3Ae/ibi m 3anMcaTb M3MeHeHMfl Ha ahck». 
Be3yc/iOBHO, mo>kho coBepniMTb AaHHbiM Bbi6op no yMO/inaHMK), ho 
Bbi6MpaMTe c yMOM, t.k. Bee AaHHbie Ha Bbi6paHHOM Ancice 6yAyT 
CTepTbl. 



Partition disks 


This ts an o«rww of your currency configured partitions and mount points- Select a partition to modify its settings 
ffHe system, mount point, etc.) a free space to create partitions, or a device to irvtiaKee its partition tadie. 

Guided partitioning 
Configure software RAID 
Configure the Logical Volume Manager 
Configure encrypted volumes 
Configure iSCSI volumes 

v Virtual disk 1 (vda) • 32.2 GB Virtio Block Device 

> #1 primary 30.1 GB f ext4 / 

> IS logical 2.1 GB f swap swap 

Undo changes to partitions 


Finish partitioning and write changes to disk 


Screenshot Help Go Bark Continue 

PitcyHOK 4.11 flpoBepKa pa36MeHMfj Ha pa3/ienbi 
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PyHHoe pa3fle/i0Hne 


Bbi6op Manual (BpynHyio) Ha maBHOM aKpaHe "Pa3AeneHne ahckob" 
(PkicyHOK 4.8, "Bb/6op pewMMa pa3/ie/ieHMn” [crp.74]), npeAOCTaBMT 
BaM HaMHoro 6o/ibiiiyK) rn6KOCTb, no3Bormfl Bbi6npaTb MHO>KecTBO 
AOnO/lHMTe/lbHblX KOHCf)MrypaMMM M KOHKpeTHO Bbl6npaTb Ha3HaHeHMe 
i/i pa3Mep Ka>KAoro pa3Ae/ia. HanpMMep, btot pe>KMM no3BO/iMT BaM 
ycTaHOBHTb Kali Hap^Ay c ApyrMMM onepauMOHHbiMM ci/icTeMaMH, 
BK/iiOHHTb pe3epBHbM Ha6op He3aBi/icnMbix ahckob (redundant array 
of independent disks (RAID)) Ha ocHOBe nporpaMMHoro o6ecneHeHi/m 
A-rm 3amnTbi AaHHbix ot c6oeB b pa6oTe wecTKoro Ancxa m 6e3onacHO 
M3MeHflTb pa3Mepbl CyLUGCTByKDLUHX pa3Ae/10B 6e3 nOTepkl AaHHbix, 
noMHMO nponero. 


CoKpau 4 eHne Pa3fle/iOB Windows 

Ann toto, HTo6bi ycraHOBMTb Kali Linux Ha KOMnbKrrep, Ha kotopom 
y>xe MMeeTCfl Apyraa onepauMOHHaa cMcreMa (HanpMMep, Windows), 
BaM noHaAo6MTCfl Mcno/ib30BaTb He3aAeMCTBOBaHHoe npocTpaHCTBO 
>xecTKoro Ancxa Ann pa3Ae/iOB, npeAHa3HaneHHbix Ann Kali. B 
6o/ibLUMHCTBe c/iynaeB bto 03HanaeT coKpameHMe cymecTByiomero 
pa3Ae/ia m noBTopHoe Mcno/ib30BaHMe ocBo6o>KAeHHoro 
npocTpaHCTBa. 

Ec/im Bbi Mcno/ib3yeTe pe>KMM pa3Ae/ieHMfl BpynHyio, to ycraHOBiAMK 
MO>xeT coicpaTMTb HexoTopbie pa3Ae/ibi Windows AOBO/ibHO npocTO. 
BaM Bcero Ha Bcero noHaAo6MTCfl Bbi6paTb pa3Ae/i Windows m BBecTM 
ero HOBbiM pa3Mep (btot cnoco6 pa6oTaeT xax c FAT pa3Ae/iaMM, Tax 
m c NTFS pa3Ae/iaMM). 


Ec/im Bbi AB/ifleTecb MeHee onbiTHbiM no/ib30BaTeneM, KOTopbiM 
pa6oTaeT c cmctcmom, coAepwamei/i HexoTopbie AaHHbie, 6yAbTe 
OHeHb OCTOpO>KHbl C 3TMM MeTOAOM HaCTpOMKM, TaK KaK OHeHb nerKO 
coBepmaTb olum6km, KOTopbie MoryT npMBecTM k 6e3B03BpaTH0M 
noTepe AaHHbix. 

nepBbiM 3KpaH b pyHHOM ycTaHOBLUMKe nsnnejcn npaKTMHecKMMM 
t3kmm >xe, Kax m Ha pMcyHKe 4.11 «npoBepKa BbiAe/ieHMA pa3Ae/iOB» 
[CTp. 77], 3a MCK/IKDHeHMeM TOTO, HTO OH He COAep>KMT HMK3KMX HOBbIX 
pa3Ae/10B A™ C03AaHMfl. 3tO 33BMCMT OT Bac, 3aXOTMTe /1M Bbi MX 
Ao6aBMTb. 
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Chiana/ia Bbi yBi/iAMTe onui/uo A-rm BBOAa «ynpaB/ifleMoe pa3AeneHi/ie», 
3a kotopom 6yAyT c/ieAOBaTb HeKOTopbie onunn KOHcfjMrypaMMM. 
3aTeM ycTaHOBLUMK noKa>KeT AOCTynHbie ahcki/i, mx pa 3 Ae/ibi m /iio6oe 
CBo6oAHoe npocTpaHCTBO, KOTopoe eme He 6bmo pacnpeAe/ieHO. Bbi 
MO>KeTe Bbi6paTb Ka>KAbiM OTo6pa>KaeMbiM 3/ieMeHT 1/1 KaK o6bNHO 
Ha>KaTb K/iaBMLuy Enter A-rm B3ai/iMOAeMCTBi/m c hum. 

EC/ll/l AHCK COBepilieHHO HOBbIM, BaM MO>KeT n0Tpe60BaTbC5q C03AaTb 
Ta6/inuy pa3Ae/iOB. Bbi MO>KeTe CAe/iaTb bto, Bbi6paB ahck. noc/ie 
3T0r0 Bbi AO/l>KHbl yBHASTb CB 060 AH 0 e MeCTO Ha AHCKe. 

HTo6bi ncno/ib30BaTb bto CBo6oAHoe npocTpaHCTBO, Bbi AO/i>KHbi 
Bbi6paTb ero, h ycTaHOBLUHK npeA.no>KMT BaM ABa cnoco6a co3AaHi/m 
pa3Ae/iOB Ha btom npocrpaHCTBe. 



PwcyHOK 4.12 Co3/jdHMe pa3/je/iOB 
Ha nycroM amckobom npocrpaHCTBe 

nepBbiM nyHKT co3AacT OTAe/ibHbiPi pa3Ae/i c xapaKTepi/icTmcaMi/i 
(BK/nonaa pa3Mep) no BameMy Bbi6opy. BTopoPi nyHKT 6yAeT 
ncno/ib30BaTb Bee CBo6oAHoe npocTpaHCTBO 1/1 co3AaBaTb b HeM 
HecKO/ibKO pa3AenoB c noMombio ynpaBrmeMoro MacTepa pa3Ae/ieHi/m 
(cm. Pa3Ae/i 4.2.1.12.1 «YnpaB/ifieMoe pa3AeneHne» [cTp. 75]). 3tot 
napaMeTp oco6eHHO MHTepeceH, ec/ii/i Bbi xoTMTe ycraHOBMTb Kali 
BMecTe c ApyroPi onepaui/iOHHOM cMcreMOM, ho ecrrn Bbi He xoTMTe 
ynpaB/iflTb cxeMoPi pa3Ae/ieHi/m. noc/ieAHm/i nyHKT noKa>KeT 
cooTBeTCTBeHHO HOMepa uMriMHApa/ronoBKH/ceKTopa 

(cylinder/head/sector) Hana/ia m KOHua cBo6oAHoro npocTpaHCTBa. 
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Korfla Bbi Bbi6epnTe «Co3AaTb HOBbii/i pa3Aen», Bbi nonaAeTe b cepAUe 
pyHHOM nocneAOBaTe/ibHOCTM pa3Ae/ieHi/i5i. noc/ie Bbi6opa btom onum/i 
BaM 6yAeT npeA-noweHO yi<a3aTb pa3Mep pa3Ae/ia. Ec/ii/i Ha A^cice 
i/icno/ib3yeTC5i Ta6.n1/114a pa3Ae/iOB MSDOS, BaM 6yAeT npeAOCTaB/ieHa 
B03M0>KH0CTb C03AaTb OCHOBHOM M/ll/l /lOTHHeCKHM pa3Ae/l. (Ba>KHO 
3HaTb: y Bac MO>KeT 6biTb Bcero neTbipe ocHOBHbix pa3Ae/ia i/i 
MHOwecTBO /lori/inecKi/ix. Pa3Aen, coAepwamm/i /boot, i/i 
COOTBeTCTBeHHO 51APO, AO/l>KeH 6blTb OCHOBHbIM. JlOri/NeCKl/ie pa3Aenbl 
I10CT051HH0 XpaH51TC51 B paCLUHpeHHOM pa3Ae/ie, KOTOpblM B CBOK) 
onepeAb, i/icno/ib3yeT oahh 1/13 neTbipex ocHOBHbix pa3Ae/iOB.) 3aTeM 
Bbi Aon>KHbi yBHASTb o6u\\av\ 3«paH KOHc|}i/irypai4i/ii/i pa3Ae/ia: 



PucyHOK 4.13 3/cpan HacrponKH 
pa3AeneHMz 

HTo6bi o6o6mnTb 3 tot mar pynHoro pa3Ae/ieHi/m, AaBai/iTe 

paccMOTpHM, hto Bbi MO>KeTe Ae/iaTb c HOBbiM pa3Ae/iOM. Bbi MO>KeTe: 

• OTcjDopMaTMpoBaTb ero v\ BK/iKDHHTb b AepeBO C^aM/lOB, Bbi6paB 
TOHKy MOHTMpoBaHTonica MOHTi/ipoBaHi/i5i - 3 to xaTa/ior, B 
kotopom 6yAeT pa3MemaTbC5i coAep>Ki/iMoe cj^aM/iOBoPi cMcreMbi Ha 
Bbi6paHHOM pa3Aene. Taici/iM o6pa30M, pa3Aen, CMOHTi/ipoBaHHbii/i b 
/home/, TpaAHUMOHHO npeAHa3HaneH A-rm xpaHeHHJi 
no/ib30BaTe/ibCKnx AaHHbix, a «/» n3BecTeH KaK root A-rm AepeBa 
ct)aM/iOB i/i, c/ieAOBaTe/ibHO, root pa3Aena, Ha kotopom 6yAeT 
c|)aKTMHecKM ycTaHOBneHa ci/icTeMa Kali. 

• l/1cno/ib30BaTb ero KaK pa3/\en noAKavKM (swap partition). KorAa b 
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flflpe Linux HeAOcraTOHHO cbo6oahom naMATM, oh 6yAeT xpaHMTb 
HeaKTHBHbie Haem 03Y b cneui/ia/ibHOM pa3Ae/ie noAKaHKH Ha 
wecTKOM AHCKe. noACHCTeMa BMpTya/ibHoPi naMATi/i Ae/iaeT ero 
npo3paHHbiM f\nn npmiOKeHi/iPi. Ann HMHTauHH Aono/iHHTe/ibHoPi 
naMj^TM Windows ncno/ib3yeT cjoaM/i noAKaHKH (swap h/im paging 
file), KOTopbM coAep>KHTC}q HenocpeACTBeHHO b c^aPmoBoPi cHCTeMe. 
B to BpeMfl KaK Linux ncnonb3yeT pa3Ae/i, npeAHa3HaneHHbiPi f\nn 
3T0H ue/lkl, OTCKDAa M B03HMKaeT TepMHH pa3Ae/l noAKaHKH (swap 
partition). 

• CAe/iaTb ero «<£i/i3MHecKi/iM tomom f\nn LVM» (btot Bonpoc He 
paccMaTpHBaeTca b HawePi KHi/ire). 06paTHTe BHHMaHHe, hto 3Ta 
ctjyHKUM^ ncno/ib3yeTca ynpaB/iaeMbiM pa3Ae/ieHi/ieM npn 
HacTpoPiKe 3awnc|3poBaHHbix pa3Ae/iOB. 

• CAe/iaTb ero «ct>M3HHecKMM tomom j\nn iunc|)poBaHMfl», HTo6bi 
3amnTHTb KOHcf)HASHUMa/ibHOCTb AaHHbix Ha onpeAe/ieHHbix 
pa3Ae/iax. 3tot momcht aBTOMaTM3npoBaH b ynpaB/iaeMOM 
pa3Ae/ieHnn. Ana no/iyneHMA Aono/iHMTe/ibHoPi nHcf)opMauMn cm. 
Pa3Aen 4.2.2 «YcTaHOBKa Ha no/iHOCTbK) 3aLuncf)poBaHHyK) 
c^aPmoByK) cncTeMy» [cTp. 85]. 

• l/lcno/ib30BaTb ero KaK RAID ycrpoPicTBO (AaHHbiPi Bonpoc He 
paccMOTpeH b HawePi KHi/ire). 

• He ncno/ib30BaTb pa3Ae/i h ocTaBbTe ero HeM3MeHHbiM. 

• no 3aBepmeHHK) Bbi MO>KeTe /11/160 OTKa3aTbCfl ot pyHHoro 
pa36neHi/m AHCKa, Bbi6paB «OTMeHMTb n3MeHeHMfl b pa3Ae/iax», 
1/1/11/1 3anncaTb cbom n3MeHeHna Ha ahck, Bbi6paB «3aBepwi/iTb 
pa36neHne Ha pa3Ae/ibi h 3anncaTb n3MeHeHna Ha ahck» Ha BKpaHe 
pyHHoro ycTaHOBLUHKa (pncyHOK 4.11 «npoBepKa pa36neHi/m Ha 
pa3Ae/ibi») [cTp. 77]). 

KormpoBaHne >khboto o6pa3a 

3tot c/ieAyK)mnPi mar, KOTopbiPi He Tpe6yeT KaKoro-/in6o 

B3anMOAePicTBH}q c no/ib30BaTe/ieM, Koni/ipyeT coAep>KHMoe >KHBoro 

o6pa3a b ue/ieByK) cfiaPi/iOByK) ci/icreMy, KaK noKa3aHO Ha pHcyHKe 

4.14 «KonnpoBaHne AaHHbix H3 >KHBoro o6pa3a» [crp. 80]. 
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KALI 


Install the system 



Copying data to disk. 


Installing the system... 


PiicyHOK 4.14 KonMpoBahwe /jaHHbix M3 MMBoro o6pa3a 

HacrpoMKa AMcnervepa naKeroB (apt) 

HT 06 bl MMeTb B03M0>KH0CTb yCTaHaB/lMBaTb AOnOflHMTe/lbHOe 
nporpaMMHoe o6ecneHeHne, Heo6xoAMMO HacrponTb APT n yKa3aTb, 
rAe oho cMO>KeT HaMTi/i naKeTbi Debian. B Kali btot mar, b ochobhom, 
AB/ifleTca HeMHTepaKTMBHbiM, nocKO/ibKy Mbi Hacrai/iBaeM Ha 
ncnonb30BaHnn 3epKa/ia http.kali. org. BaM Bcero Ha Bcero ocTaeTca 
nOATBepAHTb, XOTMTe JIM Bbl MCn0/lb30BaTb 3T0 3epKa/10 (PklCyHOK 
4.15, "Bbi XOTMTe Mcno/ib30BaTb ceTeBoe 3epKano?" [crp. 81]). Ectim 
>K e Bbi He XOTMTe Mcno/ib30BaTb ero, Bbi He cMO>KeTe ycTaHOBMTb 
Aono/iHMTenbHbie naKeTbi c noMombio apt, ao Tex nop, noKa Bbi He 
HacTpoMTe peno3MTopMM naKeTOB. 
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PiicyHOK 4.15 Bbi xoTi/ire i/icnonb30Barb cereBoe 3epKano? 

Ec/ii/i Bbi xoTMTe ncno/ib30BaTb noKa/ibHoe 3epKa/io BMecTO 
http.kali.org, Bbi MOweTe BBecTi/i ero mmjr b KOMaHAHOi/i cTpoKe aa pa 
(npM 3arpy3Ke), ncno/ib3ya ci/iHTaKci/ic, KOTopbiM 6yAeT BbirrmAeTb 
c/ieAyKDmnM o6pa30M: rr\\rror/http/hostr\ame=my.own.mirror. 

I/I HaKOHeu, nporpaMMa npeA-naraeT ncno/ib30BaTb HTTP proxy > KaK 
noKa3aHO Ha pi/icyHKe 4.16, «l/lcno/ib3yPiTe HTTP Proxy» [cTp. 82]. 
HTTP proxy nanneTcn cepBepoM, KOTopbM OTnpaB/ineT HTTP-3anpocbi 
A-rm nonb30BaTe/ieM ceTi/i. 1/lHorAa bto noMoraeT ycKopi/iTb 3arpy3KM 
nyTeM coxpaHeHi/m Konrn/i cjDaM/iOB, KOTopbie 6bmi/i nepeAaHbi nepe3 
Hero (b TaKOM cnynae Mbi roBopuM o louii/ipoBaHm/i npoKci/i). B 
HeicoTopbix c/iyHanx bto eAUHCTBeHHbiPi cnoco6 AOCTyna k BHeniHeMy 
Be6-cepBepy; b t3kmx c/iynaax ycTaHOBLUHK cMO>KeT 3arpy>KaTb 
naKeTbi Debian, ec/in Bbi npaBi/mbHO 3ano/iHMTe bto none bo BpeMn 
ycTaHOBKM. Ec/ii/i Bbi He yKa3a/in aApec npoKci/i-cepBepa, ycTaHOBLUHK 
nonbuaeTcn noAK/noni/iTbCfl HenocpeACTBeHHO k 1/lHTepHeTy. 
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Configure the package manager 

If you need to use a HTTP proxy to access the outside world, enter the proxy information here. 
Otherwise, leave this blank. 

The proxy information should be given in the standard form of , http://t[user][:pass]@]host[:port]/''. 

HTTP proxy information (blank for none): 


Screenshot Go Back Continue 


PiicyHOK 4.16 Mcnonb3yMTe HTTP Proxy 

3aTeM c^aPi/ibi Packages.xz m Sources .xz 6yflyT aBTOMaTi/mecKi/i 
CKanaHbi, A-rm Toro, HTo6bi o6HOBMTb crmcoK naiceTOB, pacno3HaHHbix 
APT. 

YcTaHOBKa 3arpy3MMKa GRUB 

3arpy3HMK ABrmeTCfl nepBoPi nporpaMMOM, 3anyci<aeMoPi BIOS. 3Ta 
nporpaMMa 3arpy>KaeT aapo Linux b naMATb u 3aTeM BbinonH^eT ero. 
3arpy3HMK Macro npeA-naraeT MeHK), KOTopoe no3BO.rmeT BaM Bbi6paTb 
3arpy>xaeMoe aapo m/im onepauMOHHyK) ckicreMy. 

5/iaroAapa CBoeMy TexHi/inecKOMy npeBOcxoACTBy GRUB nBnnejcn 
3arpy3HMKOM, KOTopbiPi no yMonnaHmo ycraHaB/ii/iBaeTCfl Debian: oh 
pa6oTaeT c 6o/ibi±ii/iHCTBOM cjoaPmoBbix cMcreM m noaTOMy He Tpe6yeT 
o6HOB/ieHMjq noc/ie Ka>KAoPi ycraHOBKi/i hoboto napa, nocKO/ibKy oh 
CHMT biBaeT ero KOHcjDMrypauHK) bo BpeMA 3arpy3Ki/i m hoxoaht TOHHoe 
no/io>KeHMe HOBoro aa pa. 

Bbi AO/i>KHbi ycTaHOBHTb GRUB b maBHyK) 3arpy30HHyK) 3anncb 
(Master Boot Record (MBR)), ec/ 11/1 y Bac y>Ke He ycraHOB/ieHa Apyraa 
CMCTeMa Linux, KOTopaa 3HaeT, kbk 3arpy>xaTb Kali Linux. Kax 
OTMeneHO Ha pMcyHKe 4.17, «YcTaHOBKa 3arpy3Hm<a GRUB Ha 
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>KecTKMM ahck» [cTp. 83], M3MeHeHi/ie MBR cAenaeT Hepacno3HaHHbie 
onepauMOHHbie CMcreMbi, KOTopbie 3aBnc?iT ot Hee, He3arpy>KaeMbiMi/i, 
AO Tex nop, noica Bbi He McnpaBHTe KOHcjonrypaui/iK) GRUB. 



Install the GRUB boot loader on a hard disk 

It seems that this new installation is the only operating system on this computer. If so, it should be safe 
to install the GRUB boot loader to the master boot record of your first hard drive. 

Warning: If the installer failed to detect another operating system that is present on your computer, 
modifying the master boot record will make that operating system temporarily unbootable, though GRUB 
can be manually configured later to boot it. 

Install the GRUB boot loader to the master boot record? 

O No 
• Yes 


Screenshot Go Back Continue 

PiicyHOK 4.17 YcTdHOBKd 3arpy3^iAKa GRUB 

B 3tom ware (PkicyHOK 4.18, «ycTpoMCTBO A-rm ycraHOBKi/i 
3arpy3HMKa» [crp. 84]), BaM Heo6xoAHMO 6yAeT Bbi6paTb, Ha Kaicoe 
ycrpoMCTBO 6yAeT ycraHOB/ieH GRUB. 3to AO/i>KeH 6biTb Baw TeKymuPi 
3arpy30HHbiM auck. 
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PiicyHOK 4.18 YcrpoMCTBO A/ifi ycraHOBKM 
3arpy3^MKa 

no yMonnaHHK) b MeHKD 3arpy3KM, npeA-naraeMOM GRUB, 
OTo6pa>KaK)TCjR Bee ycTaHOB/ieHHbie napa Linux, a TaK>Ke /iK)6bie 
Apyrne onepauMOHHbie CMCTeMbi, KOTopbie 6binn o6Hapy>KeHbi. 
1/lMeHHO no3TOMy, BaM c/ieAyeT npm-mTb npeA-no>KeHMe ycraHOBMTb 
ero b rnaBHyK) 3arpy30HHyK) 3anncb (Master Boot Record). 
CoxpaHeHkie cTapbix BepcMM napa coxpai-meT B03M0>KH0CTb 3arpy3KM 
CMCTeMbi, ec/iM nocneAHee ycTaHOB/ieHHoe aapo noBpe>KASHO m/im 
n/ioxo aAanTMpoBaHO k o6opyAOBaHMio. nosTOMy Mbi pexoMeHAyeM 
COXpaHMTb HeCKO/lbKO CTapbix BepCMM 9\f\ pa. 


ByflbTe BHMMaTe/ibHbi: 3arpy3HMK m aBOM nan 3arpy3Ka 

3Ta c(Da3a npoqecca ycTaHOBKM o6Hapy>KMBaeT onepauMOHHbie 
CMCTeMbi, KOTopbie y>Ke ycTaHOB/ieHbi Ha KOMnbKrrepe, m 
aBTOMaTMHeCKM A 06 aBMT COOTBeTCTByiOLAMe 3anMCM B MeHKD 3arpy3KM. 
OAHaico He Bee nporpaMMbi ycTaHOBKM AenaiOT bto. 

B nacTHOCTM, ecjiM noc/ie 3Toro Bbi ycTaHOBMTe (m/im nepeycTaHOBMTe) 
Windows, 3arpy3HMK 6yAeT yAa/ieH. Karm 6yAeT no-npe>KHeMy 
HaxoAMTbCJR Ha wecncoM Ancxe, ho 6o/ibLiie He 6yAeT AOCTynHa M3 
MeHKD 3arpy3KM. 3aTeM BaM Hy>KHO 6yAeT 3anycTMTb ycTaHOBLUMK Kali 
c napaMeTpoM rescue/enable=true b kom3hahom crpoxe HApa, 
HTo6bi nepeycTaHOBMTb 3arpy3HMK. 3Ta onepauMA noAPo6HO onncaHa 
b pyKOBOACTBe no ycTaHOBKe Debian. 


105 








http://www.debian.org/releases/stable/amd64/ch08s07.html 


3aBepiueHne ycraHOBKH h nepe3arpy3Ka 

Tenepb, KorAa ycTaHOBKa 3aBepweHa, nporpaMMa nonpocMT Bac 
M3BneHb DVD-ROM M3 npi/iBOfla HTeHMfl (i/i/im OTCoeAMHMTb USB- 
HaKoni/iTe/ib), HTo6bi Bam KOMnbKrrep mot 3arpy3MTb Bamy HOByK) 
CMCTeMy Kali noc/ie toto, KaK nporpaMMa ycraHOBKM nepe3anycTMT 
KOMnbKDTep (pncyHOK 4.19, «YcTaHOBKa 3aBepi±ieHa» [CTp. 85]). 

1/1 HaKOHeu, ycraHOBLumc Bbino/iHi/iT HeKOTopyK) pa6oTy no oni/icTKe, 
BpoAe yAaneHUjR naKeTOB npeAHa3HaneHHbix A-rm co3AaHi/m >kmbom 
cpeAbi. 



KALI 

}V OFFINSIVI StCURITV 


Finish the installation 


Installation complete 

Installation is complete, so it is time to boot into your new system. Make sure to remove the 
installation media, so that you boot into the new system rather than restarting the installation. 



Screenshot | Go Back [ Continue ] 

PiicyHOK 4.19 YcTaHOBKa 3dBepmeHa 


4.2.2 YcTaHOBKa Ha noAHOCTbio 3ai±iM(j)poBaHHyK) (J)aMAOByK) 

CMCTeMy 

toto HTo6bi rapaHTi/ipoBaTb KOHcJ^MAeHUMa/ibHOCTb Baiunx 
AaHHbix, Bbi MO>KeTe ycTaHOBMTb 3amnc|3poBaHHbie pa3Ae/ibi. 3 to 
H aAe>KHO 3amMTMT Baiun AaHHbie b c/iynae noTepi/i i/i/im Kpa>KM Bamero 
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HoyT6yKa. 1/lHCTpyMeHT pa36neHMfl Ha pa3fle/ibi KaK ynpaB/iaeMbii/i, 
TaK h pyHHoPi MOweT, noMOHb BaM b btom npouecce. 

Pe>KHM ynpaBrmeMoro pa3AeneHMfl 6yfleT coneTaTb ncno/ib30BaHne 
flByx TexHO/iorHM: Linux Unified Key Setup (LUKS) f\nn Lui/ic|opoBaHi/m 
pa3fle/iOB h ynpaBJieHi/m /iornHecKMMM TOMaMM (Logical Volume 
Management (LVM)) i\nn AHHaMi/inecKoro ynpaB/ieHi/m xpaHH/imueM. 
06e cf)yHKMMn TaK>Ke mo>kho ycraHOBMTb h HacTpoHTb b pe>KHMe 
pa3Ae/ieHi/m BpyHHyK). 

BBefleHneM b LVM 

flaBa^Te CHana/ia o6cyAHM LVM. l/lcno/ib3yfl TepMi/mo/iorHK) LVM, 
BMprya/ibHbiM pa3^en npeACTaBrmeT co6oPi norMHecKHPi tom, KOTopbiPi 
AB/iaeTCfl nacTbK) rpynnbi tomob mjim o6"beAHHeHneM HecKO/ibKMx 
Ct3M3MHeCKHX TOMOB. CDM3MHeCKMe TOMa flB/lflK)TCfl pea/ibHbiMM 
pa3Ae/iaMn (h/im BHpTya/ibHbiMM pa3Ae/iaMn, 3KcnopTnpyeMbiMM 
ApyrMMH a6cTpaKui/mMM, TaKi/iMH KaK nporpaMMHoe ycrpoPicTBO RAID 
v\nv\ 3aLuncf)poBaHHbiM pa3Aen). 

5/iarOAapJl OTCyTCTBHK) flBHbIX pa3/lMHHH Me>KAy «Cf)H3M L ieCKMMH» M 
«/iornHecKHMM» pa 3 AenaMn, LVM no3BO.rmeT co3AaBaTb 
«BnpTya/ibHbie» pa3Ae/ibi, KOTopbie oxBaTbiBaKDT HecKO/ibKO auckob. 
3to HMeeT ABoPmoe npei/iMymecTBo: pa3Mep pa3Ae/iOB 6o/ibi±ie He 
orpaHHneH OTAe/ibHbiMH ahck3mm, a mx coBOKynHbiM o6"beMOM, h Bbi 
MO>KeTe M3MeHHTb pa3Mep cymecTByK)mnx pa3Ae/iOB b /iK)6oe BpeMA, 
Hanpi/iMep, noc/ie Ao6aB/ieHMfl Aono/iHHTe/ibHoro AncKa. 

3Ta TexHHKa pa6oTaeT oneHb npocTo: Ka>KAbiPi tom, 6yAb to 
Ct3H3MHeCKMPi MJIM JlOrMHeCKMM, pa3Ae/lfleTCfl Ha 6/lOKM OAHHaKOBOTO 
pa3Mepa, KOTopbie LVM Koppe/iMpyeT. flo6aB/ieHne hoboto AncKa 
npi/iBeAST k co3AaHMK) HOBoro cf)H3MHecKoro TOMa, o6ecneHMBaK)mero 
HOBbie 6/iokm, KOTopbie MoryT 6biTb cBA3aHbi c jik)6om rpynnoPi tomob. 
Bee pa3Ae/ibi b rpynne tomob MoryT b no/iHOM Mepe Mcno/ib30BaTb 
Aono/iHHTe/ibHoe pacnpeAermeMoe npocTpaHCTBO. 

BBeflenne b LUKS 

Ann 3 amnTbi cbohx AaHHbix Bbi MO>KeTe Ao6aBHTb Aono/iHMTe/ibHbiM 
ypoBeHb Lunc|3poBaHMfl noA npeAnoHTMTe/ibHyK) BaM cjDaM/iOByK) 
CMCTeMy. Linux (m, b HacmocTM, ApaPiBep dm-crypt ) Mcno/ib3yeT 


107 



ycTpoPicTBO ynpaB/iem/m pacnpeAe/ieHi/ieM naM^TM A-rm co3Aam/m 
BMpTya/ibHoro pa3Ae/ia (coAep>Ki/iMoe KOToporo 3ammneHo) Ha 6a3e 
ocHOBHoro pa3Aena, KOTopbm 6yAeT xpaHi/iTb AaHHbie b 
3aiiiMct)poBaHHOM bmao (6/iaroAapfl LUKS). LUKS CTaHAapTM3npyeT 
xpaHeHkie 3ai±ii/ic|3poBaHHbix AaHHbix Taioxe, KaK m MeTaMHcjDopMauMH, 
KOTopaa o6o3HaHaeT ncno/ib3yeMbie a/iropi/iTMbi Lui/ic|3poBaHi/m. 


3auiM4>poBaHHbiM pa3fle/i noflKaMKM 

KorAa ncno/ib3yeTC5q 3ai±inc|}poBaHHbiM pa3Aen, k/ikdh Lunc|}poBaHMfl 
coxpaHfieTCfi b naMATi/i (03Y), a np m cn^meM pe>KMMe HoyT6yK 6yAeT 
KonnpoBaTb k/ikdh BMecTe c ApyrMM coAep>KMMbiM 03Y Ha pa3Aen 
noAKanKM >KecTKoro Ancica. nocKO/ibicy /ik)6om, y koto ecTb AOCTyn k 
cJaaM/iy noAKanKM (bto MOweT 6biTb iok TexHHnecKHPi cnei 4 na/incT, Tax 
M Bop), MO>KeT M3B/ieHb K/IKDH M paCLUMC^pOBaTb BaLUM AaHHbie. B CBA3M 
C 3TMM C^aM/l nOAKaHKM AO/l>KeH 6blTb 3amnmeH C nOMOLUbK) 
Lunc|DpoBaHmR. noBTOMy ycTaHOBLAHK npeAynpeAHT Bac, ec/in Bbi 
nonbuaeTecb ncno/ib30BaTb 3ai±ii/ic|3poBaHHbii/i pa3Aen paaom c 
H e3aLUM(|)pOBaHHblM pa3Ae/10M nOAKaHKM. 


HacTpoMKa 3ai±inct>poBaHHbix pa3Ae/iOB 

npoqecc ycTaHOBKM A-rm 3ai±inc|3poBaHHoro LVM Taxon we, icaic h 
CT aHAapTHaa ycraHOBKa, 3a MCK/iiOHeHi/ieM 3Tana pa36neHi/ifl Ha 
pa3Ae/ibi (pi/ic. 4.20, «YnpaB/iaeMoe pa3Ae/ieHi/ie c 3aLui/ic|}poBaHHbiM 
LVM» [cTp. 87]), i~Ae BaM Heo6xoAHMO 6yAeT Bbi6paTb YnpaB/ifleMbm 
pe>KHM - MCn0nb30BaTb Becb AUCK M HaCTpOMTb 3aLUMCtDpOBaHHblM LVM 
("Guided - use entire disk and set up encrypted LVM."). KoHenHbiM 
pe3y/ibTaTOM 6yAeT ci/icreMa, KOTopyio He/ib3fl 3arpy3HTb m/im 
no/iyHMTb AOCTyn ao Tex nop, noica He 6yAeT npeAOCTaB/ieHa KOAOBaa 
c(3pa3a LUMcjDpoBaHMfl. 3to 3aniMct3pyeT i/i 3amnTMT AaHHbie Ha BameM 
AHCKe. 
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bv orrcNSivf security 


Partition disks 

If you choose guided partitioning for an entire disk, you will next be asked which disk should be used. 

Partitioning method: 

Guided • use entire disk 

Guided - use entire disk and set up LVM 


Guided - use entire disk and set up encrypted LVM 


Manual 


Screenshot Go Back j Continue j 

PucyHOK 4.20 YnpaB/ifjeMoe pa3/ieneHMe c 
3aiuM(ppoBaHHbiM LVM 

YcTaHOBLUMK ynpaBrmeMoro pa3Ae/ieHMfl aBTOMaTi/inecKM Ha3HaHMT 
(f)M3MHecKMe pa3Ae/ibi A-rm xpaHem/m 3anii/ic|}poBaHHbix Aam-ibix, KaK 
3to noKa3aHO Ha Pi/icyHKe 4.21, «noATBepAHTb M 3 MeHeHi/m Ta 6 /im 4 bi 
pa 3 Ae/iOB» [cTp. 88]. Ha btom 3Tane ycTaHOBLUHK noATBepAHT 
M3MeHeHMjR ao Toro, KaK o h i/i 6 yAyT 3anncaHbi Ha auck. 



Before the Logical Volume Manager can be configured, the current partitioning scheme has to be written 
to disk. These changes cannot be undone. 

After the Logical Volume Manager is configured, no additional changes to the partitioning scheme of 
disks containing physical volumes are allowed during the installation. Please decide if you are satisfied 
with the current partitioning scheme before continuing. 

The partition tables of the following devices are changed: 

Virtual disk 1 (vda) 

Write the changes to disks and configure LVM? 

O No 
• Yes 


PucyHOK 4.21 riOATBepAPITb 

M3MeHeHMfj Ta6/iMLibi pa3AenoB 
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3aTeM 3 tot HOBbiM pa3Ae/i MHm4na/iM3npyeTc^ c/iynaMHbiMM AaHHbiMH, 
KaK noKa3aHO Ha pi/icyHKe 4.22, «yAa/ieHi/ie AaHHbix b 
3aLUMcf)poBaHHOM pa3Ae/ie» [cTp. 88]. 3to Ae/iaeT o6nacTM, KOTopbie 
coAep>KaT AaHHbie, HeoT/iMHMMbiMM ot Hencnonb3yeMbix 06/iacTePi, 
hto b cbok) onepeAb 3aTpyAH5qeT o6Hapy>KeHne m noc/ieAyKomyK) 
aTaKy 3ai±inc|}poBaHHbix AaHHbix. 



Erasing data on Virtual disk 1, partition #5 (vda5) 


The installer is now overwnbng Virtual disk 1. partition *5 (vda5) with random data to prevent meta-infor 


Cancel 


PiicyHOK 4.22 y/ja/ieHMe AaHHbix b 3ai±iM(ppoBaHHOM pa3Aene 

3aTeM, ycraHOBLUHK nOnpOCMT Bac BBeCTM HA6HTMCf)MKai4MOHHyK) 
c|3pa3y LUMcfjpoBaHmi (Pi/icyHOK 4.23, «BBeAHTe MASHTncf)MKaMH0HHyK) 
c(3pa3y Lun4)poBaHMfi» [page 89]). Arm Toro HTo6bi npocMOTpeTb 
coAep>KMMoe 3aiiiMct)poBaHHoro pa3Ae/ia, BaM Heo6xoAHMO 6yAeT 
BBOAHTb 3Ty nASHTnc[)MKauMOHHyK) c|}pa3y Ka>KAbiM pa3, KaK Bbi 6yAeTe 
nepe3arpy>KaTb ci/icTeMy. 06paTHTe BHi/iMaHi/ie Ha npeAynpe>KAeHMe b 
ycTaHOBLUMKe: Bama 3ai±inc|}poBaHHafl cMcreMa 6yAeT HacTO/ibKO 
xopomo 3amnmeHa, HacKO/ibKO rpaMOTHO noAo6paHa 
MASHTMcjDMKauMOHHafi c[)pa3a. 
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Partition disks 


You need to choose a passphrase to encrypt Virtual disk 1, partition #5 (vda5). 

The overall strength of the encryption depends strongly on this passphrase, so you should take care to 
choose a passphrase that is not easy to guess. It should not be a word or sentence found in 
dictionaries, or a phrase that could be easily associated with you. 

A good passphrase will contain a mixture of letters, numbers and punctuation. Passphrases are 
recommended to have a length of 20 or more characters. 

Encryption passphrase: 


□ Show Password in Clear 

Please enter the same passphrase again to verify that you have typed it correctly. 

Re-enter passphrase to verify: 


show Password in Clear 


Screenshot Go Back | Continue 

PucyHOK 4.23 BBe/jere M/jeHTMcpMKaLiMOHHyK) <ppa3y LUMcppoBaHi/ifj 

Tenepb MHCTpyMeHT pa 3 Ae/iem/m o6/iaAaeT AOcrynoM k HOBOMy 
BkipTya/ibHOMy pa3Ae/iy, Hbe coAep>Ki/iMoe xpam/iTCfl 3ai±inc|3poBaHHbiM 
06pa30M B 0CH0BH0M C(DM3MHeCK0M pa3Ae/ie. B CB513M C TeM, HTO LVM 
MCnOJlb3yeT 3T0T HOBblM pa3Ae/l KaK C|3M3MHeCKm/l TOM, OH M0>KeT 
3ammnaTb HecKO/ibKO pa3Ae/iOB (m/im nori/iHecKi/ix tomob LVM) c 
noMombK) Toro >Ke caMoro K/iK)Ha i±mc|3poBaHi/m, Bic/iionaa pa3Ae/i 
nOAKaHKM (CMOTpM BCT3BKy «LUl/IC|}pOBaHl/ie pa3Ae/ia nOAKaHKM» [CTp. 
86]). B ashhom c/iynae, LVM He i/icno/ib3yeTCfl Ann ynpomeHHfl 
paaui/ipeHi/m pa3Mepa xpaHM/imua, oh ncno/ib3yeTCJR nmub Ann 
yAo6cTBa KOCBeHHOCTM, no3BO/ifiK)meM pa3AennTb oahh 
3aLuncf)poBaHHbiM pa3Ae/i Ha HecKO/ibKO norHHecKMx tomob. 

3aBepnieHne ynpaBrmeMoro pa3Ae/ieHi/m c 3ai±ii/ic|3poBaHHbiM LVM 
3aTeM Ha 3KpaHe OTo6pa3MTc?i MToroBaa cxeMa pa3AeneHi/m (pncyH0K 
4.24, «npoBepi<a pa3Ae/ieHi/m A-rm 3aLuncj3poBaHHOM ycraHOBKi/i LVM» 
[CTp. 90]) TaK, HTO Bbl MO>KeTe BblCT3BHTb HaCTpOMKM Heo6xOAHMblM 
BaM o6pa30M. 
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Partition disks 


This is an overview of your currently configured partitions and mount points. Select a partition to modify its settings 
(file system, mount point, etc.), a free space to create partitions, or a device to initialize its partition table. 

Configure software RAID 
Configure the Logical Volume Manager 
Configure encrypted volumes 
Configure iSCSI volumes 

v LVM VG kali-vg, LV root - 29.8 GB Linux device-mapper (linear) 

> #1 29.8 GB f ext 4 / 

v LVM VG kali-vg, LV swap_l - 2.1 GB Linux device-mapper (linear) 

> #1 2.1 GB f swap swap 

v Encrypted volume (vda5_crypt) - 32.0 GB Linux device-mapper (crypt) 

> #1 32.0 GB K Ivm 

" Virtual disk 1 (vda) • 32.2 GB Virtio Block Device 

> #1 primary 254.8 MB F ext2 /boot 

> #5 logical 32.0 GB K crypto (vda5_crypt) 

Undo changes to partitions 


Finish partitioning and write changes to disk 


Screenshot Help Go Back Continue 


PiicyHOK 4.24 flpoBepKa pa3/ieneHMfi /j/isi 3ai±iM(ppoBaHHOM 
yCTdHOBKI/l LVM 

1/1 HaKOHeu, noc/ie npoBepKi/i HacrpoeK pa3Aena, MHCTpyM6HT 
nonpocMT Bac noATBepAHTb i/i3MeHem/m, BHecem-ibie Ha ahck, iok bto 
noi<a3aHO Ha pi/icyHKe 4.25, «noATBep>KASHMe c|3opMaTnpoBaHHfl 
pa3Ae/iOB». 
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Partition disks 


if you continue, the changes listed below will be written to the disks. Otherwise, you will be able to make 
further changes manually. 

The following partitions are going to be formatted: 

LVM VG kali-vg, LV root as ext4 
LVM VG kali-vg, LV swapl as swap 

Write the changes to disks? 

O No 

(§> Yes: 


Screenshot I Continue 


PitcyHOK 4.25 noATBepyKAet-me (popMaTMpoBaHMfj pa3AenoB 


fla/iee npoqecc ycraHOBKM npoao/iwi/iTCfl o6bNHbiM o6pa30M, hto 
noflpo6HO onncaHO b pa3flene 4.2.1.14, «HacTpoi/iKa A^cneTnepa 
naKeTOB (apt)» [page 81]. 


4.3 ABTOMaTtmecKue ycraHOBKM 

YcTaHOBLUHKM Debian m Kali AB/ifliOTCfl AOBO/ibHO MOAy/ibHbiMM: Ha 
6a30B0M ypOBHe, OHM npOCTO BbinO/lHflK)T MHO>KeCTBO CKpMnTOB 
( 06 'beAHHeHHbix b KpouieHHbie naKeTbi noA Ha3BaHMeM udeb—for 
pdeb mjim micro-deb) oahh 3a ApyrMM. KawAbiPi M3 ckphiitob 
ormpaeTCfl Ha debconf (cmotpm «l/lHCTpyMeHT debconf» [ctp 214]), 
KOTopbiM B3aMMOAeMCTByeT c BaMM, no/ib30BaTe/ieM m coxpaHaeT 
napaMeTpbi ycTaHOBKM. B cba3m c btmm, ycTaHOBLUMK MO>KeT 6 biTb 
Tai<>Ke aBTOMaTM3MpoBaH nepe3 debconf preseeding, c^yHKUMK), 
KOTopaa no3BonaeT BaM npeAOCTaBrmTb aBTOMaTMnecKMe OTBeTbi Ha 
BOnpOCbl yCT3H0BKM. 


4.3.1 OTBeTbi npecMAMHra 
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EcTb MHOwecTBO pa3/iMHHbix cnoco6oB ncno/ib30BaTb preseed OTBeTbi 
A-rm ycTaHOBLUMKa. I/I KawflbiPi MeTOfl HMeeT cboh npeMMyiuecTBa n 
HeflOCTaTKM. B 3aBncnMOCTn ot Toro, Korfla Bbino/iHJieTca npecMflMHr, 
Bonpocbi, KOTopbie eMy noABepraKrrca, MoryT OT/iMHaTbca. 

C napaMeTpaMM 3arpy3KM 

Bbi MO>KeTe BbinonHMTb npecMfli/mr Ann /iK)6oro Bonpoca ycraHOBiunKa 
c napaMeTpaMM 3arpy3KM, KOTopbie 3aBepi±iaK)TCfl b AApe KOMaHAHOM 
ctpokm, AOCTynHbie nepe3 /proc/cmdline. HeKOTopbie HananbHbie 
3arpy3HMKM no3BormT BaM OTpeAaKTMpoBaTb 3tm napaMeTpbi b 
MHTepaKTMBHOM pe>KMMe (hto npaKTMHHO A-ns ue/iePi TecmpoBaHMa), 
HO eC/lM Bbl XOTMTe, HT06bl M3MeHeHMfl 6bl/lM COXpaHeHbl, BaM 
npMASTCJi M3MeHMTb KOHcf)Mrypai4MK) 3arpy3HMKa. 

Bbi MO>xeTe HanpjqMyK) Mcno/ib30BaTb no/iHbiM MASHTMcf)MKaTop 
BonpocoB debconf (HanpMMep, debian-installer/language=en), m/im 
B bi MO>xeTe Mcno/ib30BaTb a66peBMaTypbi A-nfl HaM6o/iee 
pacnpocTpaHeHHbix BonpocoB (HanpMMep, language=en m/im 
hostname=duke). Cmotpm no/iHbiM cnMcoK coKpaiueHMM b 
pyKOBOACTBe no ycraHOBKe Debian. 

He cymecTByeT orpaHMneHMM Ha Bonpocbi, KOTopbie Bbi MOweTe 
noAeeprHyTb npecMAMHry BBMAy Toro, hto napaMeTpbi 3arpy3KM 
AOCTynHbi c caMoro Hana/ia npouecca ycTaHOBKM, m ohm 
o6pa6aTbiBaK)TCfl Ha oneHb paHHMx craAnax. OAHaKO, KO/iMnecTBO 
napaMeTpoB 3arpy3KM orpaHMneHO 32, m onpeAe/ieHHoe KO/iMnecTBO 
M3 hmx y>Ke Mcno/ib3yeTCJi no yMonnaHMK). Tao<e oneHb b3>kho 
noHMMaTb, hto M3MeHeHMe napaMeTpoB Hana/ibHoro 3arpy3HMKa 
MHOTAa MO>KeT 6blTb HeTpMBMa/lbHblM. 

B pa3Ae/ie 9.3, «Co3AaHMe jkmboto no/ib30BaTenbCKoro ISO o6pa3a 
KaIi» [cTp. 236] Bbi Tao<e y3HaeTe, k3kmm o6pa30M M3MeHMTb Isolinux 
KOHcf)MrypauMM, KorAa Bbi co3AaeTe Bam co6cTBeHHbiM ISO o6pa3 Kali. 

C Preseed 4>aM/iOM b Initrd 

Bbi MO>KeTe Ao6aBMTb c^aPm noA Ha3B3HMeM preseed.cfg b root 
ycTaHOBLUMKa initrd (bto tot initrd, KOTopbiPi Mcno/ib3yeTCfl A-na 
3anycKa ycraHOBiunKa). 06biHHO bto Tpe6yeT BOccTaHOB/ieHMfl 
McxoAHoro naKeTa debian-installer A-rm reHepauMM HOBbix BepcMM 
initrd. TeM He MeHee, live-build npeA-naraeT yAo6HbiPi cnoco6 CAe/iaTb 
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3to, hto noflpo6HO onucaHO b pa3Ae/ie 9.3 «Co3flaHne >KHBoro 
nonb30BaTe/ibCKoro ISO o6pa3a KaIi» [crp. 236]. 

3tot MeTOfl Tai<>Ke He MMeeT HMKaKMx orpaHMneHMM Ha Bonpocbi, 
KOTopbie MoryT noABepraTbCJi npeci/iAi/mry, t.k. preseed c(DaM/i 
CTaHOBHTca aocTyriHbiM cpa3y >Ke noc/ie 3arpy3KM. B Kali Mbi y>Ke 
ncnonb3yeM 3Ty c^yHKUMK) Ann HacrpoMKM noBeAGHMJi oc|3nuna/ibHoro 
ycTaHOBLUHKa Debian. 

C Preseed ct>aM/iOM b 3arpy30HH0M HOCMTe/ie 

Bbi MOweTe Ao6aBMTb cj^aPi/i preseed Ha 3arpy30HHbiM HOCHTe/ib (CD 
m/im USB-HaKonnTe/ib); 3aTeM Bbmo/iHJieTCJi npecMAMHr, a mmchho 
noc/ie MOHTHpoBaHMJi HOCMTe/isi, hto b CBOK) OHepeAb 03HanaeT cpa3y 
noc/ie BonpocoB o ji3biKe h pacK/iaAKM K/iaBnaTypbi. llapaMeTp 
3arpy3KM preseed/file MO>KeT ncno/ib30BaTbCfl Ann yKa3aHMJi 
MecTono/io>KeHH}i npecMAMHr c^aPi/ia (HanpMMep, /cdrom/preseed.cfg 
npM ycTaHOBKe c KOMnaKT-AMCKa h/ih /hd-media/preseed.cfg npM 
ycraHOBKe c USB- HaKonMTerm). 

Bbi MO>KeTe He noABepraTb npecMAMHry OTBeTbi Ha Bonpocbi o ji3biKe 
h cTpaHe, t.k. npecHAHHr ctoan/i 3arpy>KaeTCJi HeMHoro no3>Ke b stom 
npouecce, noc/ie 3arpy3KM ApaPmepoB o6opyAOBaHMfl. TaK>Ke 
60/ibLUMM n/iK)C0M jiB/uieTCJi to hto, live-build ynpomaeT pa3MemeHne 
Aono/iHHTe/ibHoro c(3aki/ia b creHepnpoBaHHbix ISO-o6pa3ax (cmotpm 
pa3Ae/i 9.3, «Co3AaHne >KHBoro no/ib30BaTe/ibCKoro ISO o6pa3a Ka I i» 
[cTp. 236]). 

C Preseed ct>aM/iOM, 3arpy>KeHHbiM ms cem 

Bbi MO>KeTe no/iyHMTb AOCTyn k preseed cjoaM/iy b ceTH nepe3 Be6- 
cepBep h cKa3aTb ycraHOBLUMKy cKanaTb preseed cjoaM/i nyTeM 
Ao6aB/ieHM?i napaMeTpa preseed/url = http://serv'er/preseed.cfg (m/im 
c noMombK) a/ibTepHaTMBHoro url). 

OAHaKO, ncno/ib3yji stot mctoa, He 3a6biBaPiTe, hto A-rm ero 
pea/iM3aunn Bama ceTb y>Ke AO/i>KHa 6biTb HacTpoeHa. B cbokd 
onepeAb, 3 to 03HanaeT, hto cBJi3aHHbie c ceTbio Bonpocbi debconf (b 
H aCTHOCTM MMJ1 XOCTa M MMJ1 AOMeHa) H BCe npeAblAyiAHe Bonpocbi 
(HanpMMep, ji3biK m cTpaHa) He MoryT 6biTb 3anporpaMMMpoBaHbi c 
noMombK) 3Toro MeTOAa. TaK>Ke stot mctoa name Bcero Mcno/ib3yeTCJi 
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b coneTaHHM c napaMeTpaMM 3arpy3KM, KOTopbie Bbino/iHfiKDT 
npecMflMHr Tex KOHKpeTHbix BonpocoB. 

3tot MeTOA npecnAMHra nsnnejcn caMbiM rn6KMM, t.k. Bbi MO>KeTe 
M3MeHflTb HaCTpOMKM MHCTa/irmUMM 6e3 CMeHbl yCTaHOBOHHOrO 
HOCMTerm. 


3aflep>KKa BOFipOCOB, CBHSaHHblX C B3blKOM, CTpaHOM M 
K/iaBnaTypoM 

Ann Toro, HTo6bi npeoAO/ieTb orpaHnneHMe toto, hto Bbi He MO>KeTe 
noABepraTb npecMAMHry Bonpocbi, cBA3aHHbie c A3biKOM, crpaHoPi, m 
K/ iaBMaTypoPi, Bbi MO>KeTe Ao6aBMTb napaMeTp 3arpy3KM auto- 
install/enable=true (mjim auto=true). C btom onqMePi Bonpocbi 
6yAyT 3aAaBaTbca HeMHoro no3>Ke b npoqecce, a mmchho noc/ie toto, 
KaK ceTb 6yAeT HacTpoeHa m, tbkmm o6pa30M, noc/ie 3arpy3KM 
preseed <£aPma. 

HeAOCTaTKOM nsnnejcn to, hto nepBbie warn (b HacmocTM, 
KOHc|3i/irypai4Mfl ceTM) BcerAa 6yAyT OTo6pa>KaTbCfl Ha aHr/iMPicKOM 
^3biKe, m ec/iM ecTb olum6km, nonb30BaTenK) npMAeTca pa6oTaTb nepe3 
BKpaHbi, OTo6pa>KaeMbie no/iHOCTbio Ha aHr/iMPicKOM A3biKe (c 
KnaBMaTypoPi, HacTpoeHHoPi b QWERTY). 


4.3.2 Co3A,aHMe Preseed <t>aPma 

Preseed cj^aPm nsnnejcn o6bNHbiM TeiccTOBbiM c^aM/iOM, b kotopom 
Ka>KAaa cTpoica coasp>kmt OTBeTbi Ha oahh Debconf Bonpoc. CTpoKa 
pa3AeJiaeTc?i Ha neTbipe norm, pa3Ae/ieHHbie npo6enoM (npo6e/iOM 
i/mi/i Ta6y/ifiuMePi). HanpMMep, d-i mirror/ suite string kali-rolling: 

• llepBoe none o6o3HanaeT B/iaAe/ibua Bonpoca. HanpMMep, "d-i" 
Mcno/ib3yeTCfl i\nn BonpocoB, othoc^lamxc^ k ycraHOBLUMicy. Bbi 
TaK>Ke MO>KeTe yBMASTb mma naKeTa Ann BonpocoB, mcxoa^luhx m 3 
naKeTOB Debian (KaK b btom npMMepe: atftpd atftpd / usejnetd 
boolean false). 

• BTopoe none AB.rmeTCfl MASHTMcf)MKaTopoM Bonpoca. 

• TpeTbe none yKa3aH t\au Bonpoca. 

• HeTBepToe m 3aK/iK)HMTe/ibHoe none coAsp>KaT 3HaneHMe 
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o>KMAaeMoro OTBeTa. 06paTMTe BHi/iMam/ie, hto oh AO/i>KeH 6biTb 
OTAeneH ot TpeTbero norm oahmm npo6enoM; Aono/iHi/iTe/ibHbie 
npo6e/ibHbie ci/iMBO/ibi cni/iTa kdtca nacTbio 3HaneHH5T 

CaMbiPi npocTOM cnoco6 Hani/icaTb preseed c^aPm - bto ycraHOBi/iTb 
ci/icTeMy BpyHHyK). 3aTeM KOMaHAa debconf-get- selections - 
installer npeAOcraBMT OTBeTbi, KOTopbie Bbi b cbokd onepeAb 
npeAOCTaBMJiM ycTaHOBLUHKy. Bbi MO>KeTe no/iyni/iTb OTBeTbi, 
HanpaB/ieHHbie Apyrmn naKeTaM, c noMombK) debconf-get-selections. 
OAHaKO, 6o/iee HMCTbiM peweHi/ieM AB/iaeTCfl 3anncb c^aPi/ia preseed 
BpyHHyK), Hani/maa c npi/iMepa, a 3aTeM npocMaTpi/iBaa 
AOKyMeHTapHK). lip m TaKOM noAxoAe, /imub Te Bonpocbi, otbct no 
yMonnaHMK) Ha KOTopbie Heo6xoAHMO 3aMeHMTb, MoryT 6biTb 
noABeprHyTbi npeci/iAHHry. YKa>KMTe priority=critical napaMeTp 
3arpy3KM, HTo6bi nopyni/iTb Deb-conf 3aAaBaTb KpHTHnecKkie Bonpocbi 
h ncno/ib30BaTb OTBeTbi no yMO/inaHHK) Ann ApyrHx. 


npusiowei-me k pyKOBOflCToy no ycraHOBKe 

B npnno>KeHMM pyKOBOACTBa no ycTaHOBKe Debian, AOCTynHOM b 
1/lHTepHeTe, coAep>KMTCfl noAPo6Haa AOKyMeHTauMA no 
ncno/ib30BaHMK) c|Dai/i.na preseed. Oh TaK>xe coasp>kmt noApo6Hbii/i m 
npOKOMMeHTMpOBaHHblM 06pa3ei4 CtoaM/ia, KOTOpbIM MO>KeT C/iy>KMTb 
6a3oPi Ann /lOKa/ibHbix HacTpoeK. 

https://www.debian.org/releases/stable/amd64/apb.html 

https://www.debian.org/releases/stable/example-preseed.txt 

OAHaKO, o6paTMTe BHi/iMaHi/ie, hto npi/iBeAeHHbie Bbime ccbmKi/i 
AOKyMeHTMpyiOT cTa6n/ibHyK) BepcMK) Debian m hto b hmx Kali 
ncnonb3yeTc?i b TecTOBOM Bepci/iM, TaK hto Bbi MO>KeTe cmnKHyTbCfl c 
He60/lbLUMMH pa3/lMHMJRMM. Bbi T3K>Ke MO>KeTe 03H3 KOMMTbCJl C 
pyKOBOACTBOM no ycTaHOBKe, pa3MemeHHbiM Ha Be6-caPiTe npoeKTa 
Debian-installer. Oho MO>KeT 6biTb 6o/iee coBpeMeHHbiM. 
http://d-i.alioth.debian.org/manual/en.amd64/apb.html 


4.4 ARM YcTaHOBKM 
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Kali Linux pa6oTaeT Ha caMbix pa3Hbix ycrpoPicTBax Ha 6a3e ARM 
(HanpMMep, HoyT6yKi/i, BCTpoeHHbie KOMnbKrrepbi h nnaTbi Ann 
pa3pa60THMK0B, HO Bbl He MO>KeTe HCn0nb30BaTb TpaAHUHOHHblPi 
ycTaHOBLUMK Kali Ha bthx ycrpoPicTBax, nocKonbicy ohh nacro HMeKDT 
KOHKpeTHbie Tpe 60 BaHMjq B OTHOIlieHMH Jlflpa V\n\A KOHC|3Hrypai4MM 
Hana/ibHoro 3arpy3Hm<a. HTo6bi CAenaTb bth ycrpoPicTBa 6onee 
AOCTynHbiMM Ann nonb30BaTenePi Kali, Offensive Security 
pa3pa6oTa/ia cueHapm/i Ann co3AaHnn o6pa30B auckob 18 , KOTopbie 
roTOBbi Ann ncnonb30BaHHjq c pa3/iMHHbiMH ARM ycrpoMCTBaMM. 
Offensive Security npeAOCTaBn/in noAo6Hbie o6pa3bi Ann 3arpy3KM Ha 
CBoeM Be6-caPiTe: 

https://www.offensive-security.com/kali-linux-arm-innages/ 

BBHAy Toro, hto 3th o6pa3bi o6meAOCTynHbi, Bama 3aAana no 
ycTaHOBKe Kali Ha ARM ycTpoPicTBO 3HaHMTe/ibH0 ynpomeHa. 

Hn>Ke npMBeAeHbi ocHOBHbie warn: 

1. 3arpy3MTe o6pa3 Ann CBoero ycrpoPicTBa ARM h y6eAHTecb, hto 
KOHT po/ibHasi cyMMa cooTBeTCTByeT ToPi, KOTopan yKa3aHa Ha Be6- 
caPiTe (cmotpm Pa3Ae/i 2.1.3 «npoBepKa uenocmocTi/i h 
noAnnHHOCTM» [cTp. 16] Ann oStncHeHHn Toro, KaK 3 to CAenaTb). 
06paTHTe BHMMaHHe, hto o6pa3bi o6biHHO nBnnKrrcn xz-c>KaTbiMM, 
TaKMM o6pa30M, Heo6xoAHMO pacnaKOBaTb hx c noMombK) unxz. 

2. B 3aBMCMM0CTH ot cnoTa pacninpeHnn xpaHi/mmua, AOCTynHoro Ha 
BameM KOHKpeTHOM ycTpoPicTBe ARM, npno6peTHTe SD-KapTy, 
micro SD-KapTy h nv\ MOAynb eMMC, eMKOCTb KOToporo He MeHee 8 
TB. 

3. Ci<onnpyPiTe 3arpy>KeHHbiPi o6pa3 Ha ycTpoPicTBO xpaHeHi/m c 
noMombK) dd. 3 to noxo>Ke Ha npouecc KonnpoBaHnn o6pa3a ISO 
Ha USB-HaKonnTenb (cmotpi/i Pa3Aen 2.1.4 «KonnpoBaHne o6pa3a 
Ha DVD-ROM h nv\ USB-HaKonnTenb» [cTp. 19]). 

^ # dd if =kali-image.img of=/dev /something bs=512k 

5. BcTaBbTe SD-KapTy/eMMC b Bame ycTpoPicTBO ARM. 

6. 3arpy3HTe ycTpoPicTBO ARM i/i BoPiAHTe b Hero ( nonb 30 Barenb 
«root», naponb «toor»). Ec nv\ y Bac HeT noAKnKDneHHoro aicpaHa, 
BaM Hy>KHO 6yAeT onpeAenuTb IP-aApec, Ha3HaneHHbiPi nepe3 
DHCP, h noAKnKDHHTbcn k 3T0My aApecy nepe3 SSH. Ha HeKOTopbix 


18 https://github.com/offensive-security/kali-arm-build-scripts 
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cepBepax DHCP ecTb MHcrpyMeHTbi m/im Be6-MHTep(t>eMCbi, HTo6bi 
noKa3aTb TeKymkie leases. Ec/ii/i y Bac HeT HHnero noAo6Horo, 
ncno/ib3yPiTe cHMcJ^ep A-rm noMCKa Tpac^MKa lease DHCP. 

7. H3MeHMTe napo/ib root m creHepkipyMTe HOBbie kjikdhm xocTa SSH, 
oco6eHHO, ecrm ycrpoPicTBO 6yAeT nocTOAHHO pa6oTaTb b 
o6meAOCTynHOM ceTMl Lllam flBrmKrrcfl AOBO/ibHO npocTbiMM, cm. 
«C03AaHMe HOBbIX XOCT K/lKDHeM SSH» [CTp. 111]. 

8. Hac/ia>KAaMTecb BauiMM HOBbiM ycrpoi/icTBOM ARM, pa6oTaK)LUMM Ha 
Kali Linux! 


CneMMa/ibHbie c/iynan m 6o/iee noApo6Haa flOKyMeHTaumi 

3TM MHCTpyKUMM HOCflT 06lAHM XapaKTep, M, XOTfl OHM pa60TaK)T A-n^ 
60/ibiiiMHCTBa ycTpoPicTB, BcerAa ecTb MCK/ifOHeHMfl. HanpMMep, A-rm 
ChromebookTpe6yeTCfl pe>KMM pa3pa6oTVMKa (developer mode), a Ha 
ApyrMx ycTpoPicTBax Tpe6yeTca cneuMa/ibHoe Ha>KaTMe K/iaBMLUM A-rm 
3arpy3KM c BHenmero HOCMTerm. 

llocKonbKy ycTpoPicTBa ARM Ao6aB.rmK)TCfl OTHOCMTe/ibHO Macro, m mx 
cneuMcjDMKauMM HacTO/ibKO AHHaMMHHbi, Mbi He 6yAeM onMCbiBaTb 
KOHKpeTHbie MHCTpyKMMM nO yCTaHOBKe A-n^ pa3/lMHHblX yCTpOMCTB 
ARM. BMecTO btoto o6paTMTecb k BbiAeneHHOMy pa3Ae/iy « KaIi Ha 
ARM» AOKyMeHTauMM Be6-caPiTa Kali A-rm no/iyneHMA 6o/iee 
nOAP06HOM MHCj30pMai4MM 0 K3>KA0M ycrpoPicTBe ARM, 
noAAep>KMBaeMOM Offensive Security: 

http://docs.kali.org/category/kali-on-arnn 


4.5 YcrpaHeHMe Heno/iaflOK bo BpeMfi ycraHOBKii 

YCTaHOBLUMK AOCTaTOHHO H3AS>KHblM, HO, TeM He MeHee, Bbl MO>KeTe 
CTO/lKHyTbCfl C 0LUM6KaMM M/1M >Ke C KaKMMM-/lM60 BHeillHMMM 
npo6/ieMaMM, t3kmmm iok: npo6/ieMbi c ceTbK), nnoxMe 3epKa/ia m 
H eAOCTaTOHHoe MecTO Ha Ancice. l/l3-3a 3Toro BecbMa none3HO yMeTb 
ycrpaHATb npo6neMbi, B03HMKaK>mne b npoqecce ycraHOBKM. 

KorAa b nporpaMMe ycTaHOBKM npoM30MAST c 6 om, OHa noicaweT BaM 
AOBO/ibHO 6ecno/ie3HbiM aicpaH, Ta kom iok tot, KOTopbiM noKa3aH Ha 
pucyHice 4.26, «C6 om npoqecca ycraHOBKM» [CTp. 96]. 


119 



1 

KALI 

iV OrrtNSIVf SECURITY 


Install the system 


Installation step failed 

An installation step failed. You can try to run the failing item again from the menu, or skip it and 
choose something else. The failing step is: Install the system 



Screenshot | Continue | 

PiicyHOK 4.26 C6om npopecca ycraHOBKM 


Ha 3tom 3Tane xopomo 3HaTb, hto ycTaHOBinmc ncno/ib3yeT 
HecKO/ibKO BHpTya/ibHbix KOHco/iePi: rnaBHbm 3 KpaH, KOTopbiM Bbi 
BMflMTe, 3 anycKaeTc?i /11/160 Ha rmTOM kohco/im (Ann rpac^MHecKoro 
ycTaHOBiuMKa, CTRL + Shift + F5), nv \ 60 Ha nepBOi/i kohco/ih (Ann 
TeKCTOBoro ycTaHOBiuMKa, CTRL + Shift + FI). B o6ohx c/iyHaflx 
neTBepTajR K0HC0/ib (CTRL + Shift + F4) OTo6pa>KaeT wypHa/ibi Toro, 
hto npoMcxoflMT, h o6biHHO Bbi MO>KeTe yBHfleTb TaM 6o/iee no/ie 3 Hoe 
coo6meHne 06 oi±m6i<e, Hanpi/iMep, KaK noKa 3 aHO Ha pnoyHKe 4.27 
« 3 KpaH >KypHa/ia ycTaHOBKi/i» [cTp. 97], KOTopbiM noKa 3 biBaeT, hto 
ycTaHOBLUMKy He xBaTaeT amcKOB oro npocTpaHCTBa. 
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tion: 

Apr 15 19:04:24 main-menu[8331: (process:5559): line 88: 

Apr 15 19:04:24 main-menu[8331: (process:5559): /Iib/partnan/actiue_partit ion/copy/choices: not foun 
d 

Apr 15 19:04:24 main-menu[8331: (process:5559): 

Apr 15 19:04:24 main-menu[8331: (process:5559): /Iib/partnan/choose_partition/60part1tion_tree/do_op 
tion: 

Apr 15 19:04:24 main-menu[8331: (process:5559): line 88: 

Apr 15 19:04:24 main-menu[8331: (process:5559): /\ ib/partman/actiue_partit ion/copy/choices: not foun 
d 

Apr 15 19:04:24 main-menu[8331: (process:5559): 

Apr 15 19:04:24 main-menu[8331: (process:5559): /l ib/'partnan/free_space/50new/’do_opt ion: 

Apr 15 19:04:24 main-menu[8331: (process:5559): line 226: 

Apr 15 19:04:24 main-menu[8331: (process:5559): /Iib/partman/actiue_partit ion/copy/choices: not foun 
d 

Apr 15 19:04:24 main-menu[8331: (process:5559): 

Apr 15 19:04:24 main-menu[8331: (process:5559): /\ ib/partnan/free_space/50new/’da_option: 

Apr 15 19:04:24 main-menu[8331: (process:5559): line 226: 

Apr 15 19:04:24 main-menu[8331: (process:5559): /Iib/partman/actiue_p«rtit ion/copy/choices: not foun 
d 

Apr 15 19:04:24 main menu(8331: (process:5559): 

Apr 15 19:04:24 main-menu[8331: DEBUG: resoluer (libgccl): package doesn't exist (ignored) 

Apr 15 19:04:24 main-menu[8331: INFO: Menu item ’1iue-installer' selected 

Apr 15 19:04:24 base-installer: info: Using squashfs support for /cdrom/1iue/filesysten.squashfs 

Apr 15 19:04:24 anna-install: Installing squashfs-modules 

Apr 15 19:04:24 anna[85451: DEBUG: resoluer (kernel-image-4.3.0-kalil-and64-di): package doesn't exi 
st (ignored) 

Apr 15 19:04:24 anna[85451: DEBUG: retrieving squashfs-nodules-4.3.0-kalil-amd64-di 4.3.3-5kali4 
Apr 15 19:04:24 kernel: [ 165.7583821 squashfs: version 4.0 (2009/01/31) Phillip Lougher 
Apr 15 19:04:24 kernel: [ 165.7640511 loop: module loaded 

Apr 15 19:04:45 base-installer: error: The tar process copying the live system failed (only 9238 out 
of 119223 files haue been copied* last file was ). 

Apr 15 19:04:45 main-menu[8331: (process:849'): tar: write error: No space left on deuice 

Apr 15 19:04:45 main-menu[8331: (process:8491): tar. «*itc errer' Preken pipe 

Apr 15 19:04:45 main-menu[8331: WARNING **: Configuring ’1iue-installer' failed with error code 1 
Apr 15 19:04:45 main-menu[8331: WARNING *«*: Henu item '1iue-installer' failed. 


PiicyHOK 4.27 3/cpan yaypnana ycraHOBKM 

BTopaa m TpeTbfl kohco/im (CTRL + Shift + F2 i/i CTRL + Shift + F3 
COOTBeTCTBeHHO), XpaHflT 06OJIOHKM, KOTOpbie Bbl M0>KeTe 
ncno/ib 30 BaTb A-na 60/iee AeTa/ibHoro M 3 yHem/m TeicymeM ci/iTyaum/i. 
BO/lbLUMHCTBO MHCTpyMeHTOB KOMaHAHOM CTpOKM npeAOCTaB/ieHbl B 
BusyBox, no3TOMy Ha6op cjDyHKUMM AOBO/ibHO orpaHi/meH, ho, TeM He 
MeHee, btoto AOCTaTOHHO A-na Toro, HTo6bi pa 3 pei±ii/iTb 60/1 bin i/ihctbo 
npo6/ieM, C KOTOpblMM Bbl B 03 M 0 >KH 0 CTO/1 KHeTeCb. 


HTO MO>KeT 6blTb Cfle/iaHO C nOMOLAbK) 060/IOHKM yCTaHOBLUMKa 

Bbi MO>KeTe npoBepMTb m M3MeHMTb 6a3y AaHHbix debconf c noMombio 
debconf-get m debconf-set. 3 th KOMaHAbi oco6eHHO yAo6Hbi A-na 
TecmpoBaHi/m 3HaaeHMM npecMAMHra. Bbi MO>KeTe npoBepi/iTb jik)6om 
dpai/in (HanpMMep, no/iHbm >KypHa/i ycTaHOBKM, AOcrynHbm b /var 
/log/syslog) c noMombio cat m/im ApyrHx KOMaHA- Bbi MO>xeTe 
peAa ktm poBaTb /no6oi/i dpawn c noMombio nano, BK/noaaa Bee (jjaM/ibi, 
ycTaHOB/ieHHbie b ci/icTeMe. KopHeBaa cjDaM/iOBaa ci/icTeMa 6yAeT 
CMOHTHpoBaHa Ha /target nocne 3aBepineHna 3Tana pa36neHne 
pa3Ae/iOB npouecca ycTaHOBKM. nocne HacTpoMKM ceTeBoro AOCTyna 
Bbi MO>KeTe ncno/ib30BaTb wget n nc (netcat) A-na M3B/ieHeHi/ia m 
BK cnopTa AaHHbix no ceTi/i. 
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noc/ie Toro, KaK Bbi Ha>KMeTe «npoAO/i>KMTb» Ha maBHOM aKpaHe c6oa 
ycTaHOBKM (PncyHOK4.26 «C6om npouecca ycraHOBKM» [cTp. 96]), Bbi 
6yAeTe B03BpameHbi Ha aicpaH, KOTopbiM b HopMa/ibHoPi cnTyauni/i Bbi 
6bi HMKorAa He yBMAe/iM (maBHoe MeHK), noKa3aHHoe Ha pi/icyHKe 
4.28, «r/iaBHoe MeHK) ycTaHOBmnKa» [crp. 98]), KOTopbiM b cbokd 
onepeAb no3BO.rmeT BaM 3anycKaTb oamh mar ycTaHOBKM 3a ApyrMM. 
Ec/im BaM yAa/iocb ycTpaHHTb npo6/ieMy, ncno/ib3ya Aocryn k 
060/iOHKe (npMMMTe HaiiiM no3ApaB/ieHi/m!), Bbi MO>KeTe noBTopHTb 
HeyAaBLUMMca mar. 



KALI 


Debian installer main menu 


Choose the next step in the install process: 


uckcu netwoiK iidiundit 
Configure the network 
Set up users and passwords 
Configure the clock 
Detect disks 
Partition disks 


Install the system 


Configure the package manager 

Install the GRUB boot loader on a hard disk 

Install the LILO boot loader on a hard disk 

Continue without boot loader 

Finish the installation 

Change debconf priority 

Check the CD-ROM(s) integrity 

Save debug logs 

Execute a shell 

Eject a CD from the drive 

Abort the installation 


Screenshot | Continue 

I 

PyicyHOK 4.28 r naBHoe Memo ycraHOBiuMKa 

Ec/im BaM He yAa/iocb pa3pei±iMTb npo6/ieMy, Bbi MO>KeTe 3axoTeTb 
COCTaBMTb OTHeT 06 OI±IM6Ke. flaHHbIM OTHeT AO/l>KeH BK/IKDHaTb b ce6a 
>KypHa/ibi ycTaHOBLUMKa, KOTopbie Bbi MO>KeTe no/iyHMTb c noMombK) 
c|)yHKUMM rnaBHoro MeHK) «CoxpaHMTb >KypHa/ibi McnpaB/ieHMA 
omM6oK» ("Save debug logs"). OHa npeA-naraeT MHO>KecTBO cnoco6oB 
BKcnopTMpoBaTb >KypHa/ibi, KaK noKa3aHO Ha pncyHKe 4.29, 
«CoxpaHMTb >KypHa/ibi McnpaB/ieHMfl omM6oK (l/2)» [CTp. 99]. 
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PucyHOK 4.29 Coxpanmb yKypnan McnpaB/ieHM* 

olum6ok (1/2) 

CaMbiM yflo6HbiPi cnoco6 m tot, KOTopbiM Mbi peKOMeHAyeM, - 
no3BonMTb ycTaHOBinnKy 3anycTMTb Be6-cepBep, Ha kotopom 
pa3MemaK)TCfi c^aPi/ibi >KypHana (pi/icyHOK 4.30, «CoxpaHMTb >KypHa/ibi 
McnpaB/ieHMjR oluh6ok ( 2/2 )» [cTp. 100]). 3aTeM Bbi MO>KeTe 
3anycTMTb 6pay3ep c Apyroro KOMnbKrrepa b tom we ceTM m 3arpy3MTb 
Bee c^aM/ibi wypHa/iOB m chmmkm aicpaHa, KOTopbie Bbi cAe/ia/iM c 
flOMOLUbK) KHOflKM «CKpMHLUOT», AOCTyflHOM Ha K3WA0M 3KpaHe. 
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KALI 

it orrcNSivt sccuritv 


Install the system 


Web server started 

A simple web server has been started on this computer to serve log files and debug info. An index 
of all the available log files can be found at http://192.168.122.105/ 


Screenshot 


Continue 


PucyHOK 4.30 Coxpanmb yKypnan McnpaB/ieHMfi 
olum6ok (2/2) 


4.6 lloABeAeM MTO rn 

B 3tom rnaBe Mbi cocpeAOTOHM/iMCb Ha npouecce ycraHOBKi/i Kali Linux. 
Mbi o6cyAnnn Mi/iHi/iMa/ibHbie CMCTeMHbie Tpe6oBaHn?i Kali Linux, 
npoqecc ycTaHOBKM A-nfl craHAapTHOM m no/iHOCTbio 3ai±iMc|3poBaHHOM 
CMCTeMbl, npeCMAHHT, KOTOpbIM Ae/iaeT B03M0>KH0M aBTOMaTMHeCKyK) 
ycTaHOBKy, KaK ycTaHOBHTb Kali Linux Ha pa3/iMHHbix ARM 
ycTpoPicTBax m hto Heo6xoAMMO Ae/iaTb b peAKMx c/iynafix c6oa 
yCTaHOBKM. 

OCHOBHbie MOMeHTbi: 

• CMCTeMHbie Tpe6oBaHMfl Kali Linux BapbMpyiOTCfl ot 6a30Boro SSH 
cepBepa, KOTopbiM He MMeeT pa6onero CTO/ia m KOTopoMy 
AOCTaTOHHO 128 MB 03Y (peKOMeHAyeTCfl 512 MB) m 2 TB 
Amckoboto npocTpaHCTBa, ao oneHb Tpe6oBaTe/ibHoro kali- linux- 
full meta-package, KOTopbiM Tpe6yeT xota 6bi 2048 MB 03Y m 20 
l"B npocTpaHCTBa Ha Ancice. flono/iHMTe/ibHO Bama ManiMHa AO/i>KHa 
MMeTb ueHTpa/ibHbiPi npoueccop, KOTopbiM noAAep>KMBan 6bi OAHy 
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M3 c/ieAyK)LUMx apxMTeKTyp: amd64, i386, armel, armhf, m/im 
arm64. 

• Kali Linux MOweT 6biTb c /lericocTbK) ycTaHOB/ieH KaK b KanecTBe 
OCHOBHOM OnepaUMOHHOM CMCTeMbl, TaK M Hapnay C ApyrMMM 
OnepaUMOHHbIMM CMCTeMaMM C nOMOLUbK) pa36MeHM3 M M3MeHeHMjq 
Hana/ibHoro 3arpy3HMKa m/im >Ke b KanecTBe BMpTya/ibHoPi ManiMHbi. 

• HT06bl rapaHTMpOBaTb KOHC^MfleHUMa/lbHOCTb BaLUMX ASHHblX, Bbl 
MO>KeTe HaCTpOMTb 3aLUMCt3pOBaHHbie pa3Ae/lbl. 3T0 3aLUMTMT BaLUM 
AaHHbie, ec/iM Bam HoyT6yK m/im >KecTKMM auck 6yAyT noTepjiHbi 
m/im yKpaAeHbi. 

• YCTaHOBLUMK T3K>Ke MO>KeT 6blTb aBTOMaTM3MpOBaH C nOMOLUbK) 
debconf preseeding, cfjyHKUMM, KOTopaa no3BO/uieT BaM 
aBTOMaTMnecKM OTBenaTb Ha Bonpocbi ycTaHOBKM. 

• Preseed dpawn jiB/uieTCJi o6bNHbiM TeKCTOBbiM cj^aPi/iOM, b kotopom 
K a>KAaa cTpoHKa coasp>kmt OTBeT Ha oamh Bonpoc Debconf. 
CTpoHKa pa3Ae/ieHa Ha neTbipe no/ia, KOTopbie pa3Ae/ieHbi Me>KAy 
co6oPi npo6e/iOM (npo6enaMM m/im Ta6y/uiuMePi). Bbi MO>KeTe 
noAaeprHyTb npecMAMHry OTBeTbi ycTaHOBLUMKy c noMombK) 
napaMeTpoB 3arpy3KM, Mcno/ib3ya preseed c^aPm b initrd, preseed 
ct>aPi/i b 3arpy30HH0M ycTpoPicTBe m/im >Ke preseed cj^aPm M3 ceTM 

• Kali Linux pa6oTaeT Ha caMbix pa3Hbix ycTpoPicTBax Ha 6a3e ARM, 
T3KMX KaK HOyT6yKM, BCTpoeHHbie BbNMC/lMTe/lM m n/iaTbi 
pa3pa60THMK0B. YcTaHOBKa ARM AOBO/ibHO npocTa. 3arpy3MTe 
Hy>KHbiPi BaM o6pa3, 3anMmMTe ero Ha SD-KapTy, USB-HaKonMTe/ib 
m/im BCTpoeHHbiM MOAy/ib My/ibTMMeAMa-KOHTpo/i/iepa (eMMC), 
noAK/iK)HMTe ero, 3arpy3MTe ycTpoPicTBO ARM, HaPiAMTe CBoe 
yCTpOPiCTBO B ceTM, BOPiAMTe B CMCTeMy M M3MeHMTe napo/lb SSH M 
K/ 1 KDHM XOCTa SSH. 

• Bbi MO>KeTe OT/iaAMTb c6om, B03HMKmMe b npouecce ycTaHOBKM, c 
noMombK) BMpTya/ibHbix KOHco/iePi (AOCTynHbix nyTeM Ha>KaTMJi 
CTRL+Shift m OAHoPi M3 cbyHKUMOHa/ibHbix K/iaBMm), debconf-get m 
debconf-set KOMaHA, npoHTeHMJi /var/log/syslog c(3aPi/ia >KypHa/ia, 
M/IM >Ke C nOMOLUbK) COCTaB/ieHMJl OTHeTa 06 OLUM6KaX, 
BK/iKDHaiomero b ce6a c^aPi/ibi >KypHa/ia, KOTopbie mo>kho M3B/ienb, 
Mcno/ib3yji cjDyHKUMK) ycTaHOBLUMKa «CoxpaHMTb >KypHa/ibi 
McnpaB/ieHMA omM6oK». 

Tenepb, KorAa Mbi o6cyAM/iM ocHOBbi Linux m npouecc ycTaHOBKM Kali 

Linux, AaBaPiTe o6cyAMM npouecc HacrpoMKM CMCTeMbl, HTo6bi Bbi 

Mor/iM npMCTynMTb k HacTpoPiKe Kali b cooTBeTCTBM m c BamMMM 

nOTpe6HOCT51MM. 
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HacTb 5: HacrpoMKa Kali Linux 

CoaepwaHne: 

5.1 HacTpoPiKa ceT m 

5.2 ynpaB/iem/ie Unix no.nb 30 BaTe.rmMM m Unix rpynnaMM 

5.3 HacTpoPiKa cny>K6 

5.4 ynpaB/iem/ie c/iy>K6aMM 

5.5 noflBeAeM MTorn 

KjiKDHeBbie c/iOBa maBbi: 

• CeTb; 

• ynpaB/ieHkie no/ib30BaTe/mMM m rpynnaMH; 

• Apache; 

• PostgreSQL; 

• SSH; 
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B 3tom rnaBe Mbi paccMOTpMM pa3/iMHHbie cnoco6bi HacrpoMKM Kali 
Linux. Chiana/ia b pa3Ae/ie 5.1 «HacTpoi/iKa ceTM» [cTp. 104] Mbi 
noKa>KeM BaM, KaK HacrpoMTb napaMeTpbi ceT m c noMombK) 
rpacJ^MHecKOM cpeAbi m KOMaHAHOM ctpokm. B pa3Aene 5.2 
«ynpaB/ieHne no.nb30BaTe.rm mm Unix m rpynnaMM Unix» [cTp. 107] Mbi 
noroBopMM o no/ib30BaTe/mx m rpynnax, noicaweM BaM, KaK co3AaBaTb 
m M3Mei-mTb yneTHbie 3anncn no.nb30BaTe.neM, ycraHaB/iMBaTb naporm, 
OTK/iKDHaTb yneTHbie 3anncn m ynpaB/mTb rpynnaMM. 1/1 HaKOHeq, Mbi 
o6cyAHM c/iy>K6bi b pa3Aene 5.3 «HacrpoMKa c/iy>K6» [cTp. 109] m 
oOtflCHi/iM, KaK HacTpouTb m noAAsp>KMBaTb o6mne c/iy>K6bi, a TaK>Ke 
cocpeAOTOHMMCfl Ha Tpex oneHb Ba>KHbix m KOHKpeTHbix c/iy>K6ax: 
SSH, PostgreSQL m Apache. 


5.1 HacTpoMKa ce™ 


5.1.1 Ha paSone/vi CTOAe c noMOUJ,bK) NetworkManager 

B cTaHAapTHOM MHcra/i/muMM pa6onero CTO/ia y Bac y>Ke ecTb 
ycTaHOB/ieHHbm NetworkManager, m Bbi MO>KeTe ynpaB/mTb mm, 
HacTpaMBaTb ero nepe3 ueHTp ynpaB/ieHMA GNOME, a Tao<e c 
noMombK) MeHK) b npaBOM BepxHeM ymy, KaK noKa3aHO Ha PMcyHKe 

5.1 "OKpaH HaCTpOMKM ceTM", [CTp. 104]. 
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PucyHOK 5.1 3/cpan HacrpouKM cern 

HacTpoMKM ceTH no yMO/iHaHMK) Mcno/ib3yK)T DHCP A-rm no/iyneHMA IP- 
aApeca, DNS-cepBepa m Lu/iK)3a, ho Bbi MO>KeTe ncno/ib30BaTb 3HanoK 
LuecTepeHKM b npaBOM HM>KHeM ymy, HTo6bi M3MeHMTb KOHcjDMrypauMK) 
pa3HbiMM cnoco6aMM (HanpMMep, ycTaHOBHTb MAC-aApec, 
nepeK/IKDHMTbCJR Ha CTaTMHeCKMe HaCTpOMKM, BK/lK)HMTb v\r\v\ 
OTK/llOHMTb IPv6 M A 06 aBMTb AOnO/lHMTe/lbHbie MapilipyTbl). Bbl 
MO>KeTe co3AaTb npoc^M/iM f\r\9\ coxpaHeHMA HecKO/ibKMx npoBOAHbix 
ceTeBbix KOHcjDMrypauMH m nerKO nepeK/nonaTbCfl Me>KAy hmmm. fl/ia 
6ecnpoBOAHbix ceTePi btm HacTpoMKM aBTOMaTMHecKM npMBA3biBaK)TCfl 
K MX ny6/lMHHOMy MA6HTM(f)MKaT0py (SSID). 

NetworkManager TaK>xe o6pa6aTbiBaeT coeAHHeHMA c noMombK) 
Mo6M/ibHoro LUMpoKono/iocHoro KaHa/ia (Wireless Wide Area Network 
WWAN), a Taioxe moasmob Mcno/ib3yK>mnx npoTOKO/i nepeAanM ot 
tohkm k TOHKe nepe3 Ethernet (point-to-point protocol over ethernet 
(PPPoE)). 1/1 nocneAHee, ho He MeHee Ba>KHoe : oh o6ecnenMBaeT 
MHTerpaqMK) co mhotmmm TMnaMM BMpTya/ibHbix nacmbix ceTePi (virtual 
private networks (VPN)) c noMombK) BbiAeneHHbix MOAy/iePi: SSH, 
OpenVPN, Cisco's VPNC, PPTP, Strongswan. npoBepbTe naKeTbi 
network-manager- *; 6o/ibiiiMHCTBO M3 hmx He ycTaHOB/ieHbi no 
yMonnaHMK). 06paTMTe BHMMaHMe, hto BaM Hy>KHbi naKeTbi c 
cycj^MKcoM -gnome, HTo6bi HacTpoMTb mx nepe3 rpacjDMHecKMM 
MHTepcjDeMC no/ib30BaTejiJi. 


5.1.2 Hepe3 KOMaHAHyio CTpoKy c no/viOLU.bKD Ifupdown 

B KanecTBe a/ibTepHaTMBbi, b Tex cnyHaflx, KorAa Bbi npeAnoHMTaeTe 
He Mcno/ib30BaTb ( m/im y Bac npocTO HeT AOCTyna) rpacjDMHecKMM 
MHTepcjDeMC, Bbl MO>KeTe HacTpoMTb CeTb C nOMOLAbK) y>Ke 
ycTaHOBneHHoro naKeTa ifupdown, KOTopbiPi BK/nonaeT b ce6a 
MHCTpyMeHTbi ifup m ifdown. 3tm MHcrpyMeHTbi cHMTbiBaiOT 
onpeAeneHMfi M3 c^aPina KOHcjDMrypauMM /etc/network/interfaces m 
ne>KaT b ocHOBe cqeHapMA MHMUMa/iM3auMM /etc/init.d/networking, 
KOTopbiM HacTpaMBaeT ceTb bo BpeMA 3arpy3KM. 

Ka>KAoe ceTeBoe ycrpoPicTBO, ynpaB/ifleMoe ifupdown, MOweT 6biTb 
ASKOHcjDMrypMpoBaHO b ruo6oe BpeMfl c noMombK) cereBoro 
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ycTpoPicTBd ifdown. 3aTeM Bbi MO>KeTe M3MeHi/iTb 
/etc/network/interfaces n BepHyTb ceTb (c hobom KOHcj^HrypaunePi) c 
noMombK) cere bo ro ycrponcTBa if up. 

flaBaPiTe no6/ii/i>Ke no3HaKOMi/iMca c TeM, hto Mbi MOweM B/io>KHTb b 
c^aPi/i KOHcj^nrypaunn ifupdown. CymecTByKDT ABe ocHOBHbie 
AnpeKTMBbi: aBTOMaTkinecKoe cereeoe ycrpoficTBO, KOTopoe roBopi/iT 
ifupdown aBTOMaTMHecKM HacTpoMTb ceTeBoPi HHTepcJ^ePic, KaK TO/ibKO 
oh cTaHOBHTca AOCTynHbiM, h iface cereBofi MHTeptpenc rnna 
inet/inet6 f\nn toto, HTo6bi HacrpaHBaTb AaHHbiPi HHTepcJoePic. 
HanpHMep, npocraa KOHcf)nrypaMna DHCP BbimflAMT cneAyKDLUMM 
o6pa30M: 


auto lo 

iface lo inet loopback 
auto eth0 

iface ethG inet dhcp 


06paTHTe BHHMaHkie, hto cneuHa/ibHbie KOHct>nrypaunM f\nn 
ycTpoPicTBa mnePict^a, BcerAa AO/i>KHbi npi/icyTCTBOBaTb b btom c^aPine. 
Ann KOHct>nrypai4Mn cf)MKCMpoBaHHoro IP-aApeca BaM Heo6xoAHMO 
npeAOCTaBHTb 6o/iee noApo6HyK) i/mc|}opMa 141/1 kd, TaKyK) KaK IP-aApec, 
ceTb i/i IP-aApec i±mK)3a: 


auto ethO 

iface eth0 inet static 
address 192.168.0.3 
netmask 255.255.255.0 
broadcast 192.168.0.255 
network 192.168.0.0 
gateway 192.168.0.1 


Ann 6ecnpoBOAHoro i/iHTepcj^ePica, y Bac AO/i>KeH 6biTb naKeT 
wpasupplicant (BK/iK)HeHHbiPi b Kali no yMO/inaHi/iK)), KOTopbiPi 
npeAOCTaBrmeT mhokoctbo wpa-* onui/iPi, KOTopbie b cbokd onepeAb 
MoryT 6biTb ncnonb30BaHbi b /etc/network/interfaces. Ann no/iyneHMa 
npMMepoB i/i Aono/iHi/iTe/ibHbix pastacHeHi/iPi 03HaK0MbTecb c 
/usr/share/doc/wpasupplicant/README.Debian.gz. CaMbiMi/i nacro 
ncnonb3yeMbiMn onum^MM flBrmiOTCfl wpa-ssid (KOTopafl onpenennej 
\AMn 6ecnpoBOAHoPi ceTi/i f\nn npi/icoeAHHeHUfl) h wpa-psk (KOTopaa 
onpeAenaeT i/iASHTMcf)HKauMOHHyK) cf)pa3y i/ijih k/ikdh, 3amnmaK)mnPi 
ceTb). 
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iface wlanO inet dhcp 
wpa-ssid MyNetWork 
wpa-psk plaintextsecret 


5.1.3 Hepe3 KOMaH^HyK) CTpoKy c noMOLU,bK) systemd-networkd 

HecMOTpfl Ha to, hto ifupdown nsnnejcn asbho ncno/ib3yeMbiM 
MHCTpyMeHTOM b Debian, m to, hto oh ao cmx nop AB.rmeTCfl 
CTaHAapTOM Ann cepBepoB v\nv\ Apyn/ix MHHMMa/ibHbix ycraHOBOK, 
cymecTByeT 6o/iee HOBbiPi MHCTpyMeHT, KOTopbiPi 3ac/iy>KMBaeT 
Hamero BHHMaHHfi : systemd-networkd. Ero HHTerpaunx c systemd 
nHm4na/iM3npyK)meM ci/icreMOM Ae/iaeT ero oneHb npMB/ieKaTe/ibHbiM. 
Oh He ABrmeTCfl qe/ieBbiM Ann AncTpn6yTi/iBOB Ha ocHOBe Debian (b 
OTriMHMe ot ifupdown) m 6bm pa3pa6oTaH KaK oneHb Ma/ieHbKm/i, 
3cf>cf)eKTMBHbiM m OTHOCMTe/ibHO npocroPi b HacTpoMKe, b tom c/iynae 
ec/iM Bbi xopomo noHMMaeTe cMHTaKCMc c^aM/iOB systemd. Ann Bac bto 
6yAeT oco6eHHO npMBneKaTenbHbiM Bbi6opoM, ec/in Bbi cni/iTaeTe, hto 
NetworkManager AB/iaeTCfl nepecnyp pa3AyTbiM m ctio>kho 
HacTpaMBaeMbiM. 

Bbi Hacrpai/iBaeTe systemd-networkd nyTeM noMemeHi/m ceTeBbix 
c^aPinoB (.network files) b AnpeKTopmo /etc/systemd/network/. B 
KanecTBe a/ibTepHaTi/iBbi Bbi MO>KeTe ncno/ib30BaTb 
/lib/systemd/network/ Ann naiceTMpoBaHHbix cj^aM/iOB v\nv\ 
/run/systemd/ network/A.rm c^aPi/iOB, creHepi/ipoBaHHbix bo BpeMA 
Bbino/iHeHM?i nporpaMMbi. OopMaT bthx cjoa m/iob AOKyMeHTi/ipyeTca b 
systemd. network(5). Pa3Ae/i Match yi<a3biBaeT ceTeBbie 
MHTepcjDeMCbl, K KOTOpbIM npMMeHfleTCfl KOHC|3MrypaMM}q. Bbi MO>KeTe 
yxa3aTb MHTepcjDeMC pa3/iMHHbiMM cnoco6aMM, Hanpi/iMep, no aApecy 
ynpaB/ieHMjR AOCTynoM k cpeAe (media access control (MAC)) v\nv\ no 
Tuny ycTpoPicTBa. Pa3Ae/i Network onpeAe/ifleT KOHc^Mrypaumo ceTi/i. 

npMMep 5.1 KoHcprirypaprifj Ha 6a3e DHCP b 
/etc/systemd/network/80-dhcp .network 


[Hatch] 

Name=en* 

[Network] 

DHCP=yes 
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KOHCpMrypauMfi 


ripiiMep 5.2 Cram^ecKan 

/etc/system d/network/50-static, network 


B 


[Match] 

Name=enp2s0 

[Network] 

Address=192.168.0.15/24 
Gateway=192.168.0.1 
DNS=8.8.8.8 


06paTMTe BHHMaHkie, hto system-networkd OTK/iKDHeH no yMO/inaHi/iK), 
noaTOMy, ec/in Bbi xoTMTe ero ncno/ib30BaTb, ero Heo6xoAHMO 
BK/iK)HHTb. 3to TaK>xe 3aBncnT ot systennd-resolved Ann npaBn/ibHon 
nHTerpaqnn DNS pa3pei±ieHi/m, hto b cbokd onepeAb Tpe6yeT ot Bac 
3aMeHbi /etc/resolv.conf cnMBO/innecKon ccbi/iicon Ha 
/run/system/resolve/resolv.conf, KOTopaa ynpaBrmeTCfl systemd- 
resolved. 


# systemctl enable systemd-networkd 

# systemctl enable systemd-resolved 

# systemctl start systemd-networkd 

# systemctl start systemd-resolved 

# In -sf /run/system/resolve/resolv.conf /etc/resolv.conf 


Xot n systemd-networkd crpaAaeT ot onpeAe/ieHHbix orpaHi/ineHni/i, 
BpoAe HeAOcraTKa nHTerpnpoBaHHon noAAepwicn 6ecnpoBOAHbix 
ceTen, Bbi Bee paBHO MOweTe no/iaraTbca Ha paHee cymecTBOBaBiuyK) 
BHeniHKDK) KOHc(3nrypai4HK) wpa_supplicant Ann noAAep>KKi/i 
6ecnpoBOAHOM ceTn. OAHaico, OHa oco6eHHO no/ie3Ha b KOHTePmepax 
n BkipTya/ibHbix MaiiiHHax n 6bma nepBOHana/ibHO pa3pa6oTaHa A-rm 
cpeA, b KOTopbix KOHcfjnrypaunfl ceTi/i KOHTenHepa 3aBnce/ia ot 
KOH ct>nrypauMn ceTn xocTa. B btom cueHapnn systemd-networkd 
ynpomaeT ynpaB/ieHi/ie o6enMn cropoHaMn nocneAOBaTe/ibHO, 
noAAep>KHBa?i BceB03M0>KHbie BHpTya/ibHbie ceTeBbie ycrponcTBa, 
KOTopbie MoryT noTpe6oBaTbca b btom Tune cueHapneB (cmotph 
systemd. netdev(5)). 


5.2 YnpaB/ieHMe Unix no/ib30BaTe/iflMM m Unix rpynnaMii 
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5a3a flaHHbix no.nb30BaTe.neM m rpynn Unix coctomt m3 TexcTOBbix 
<£aM.noB /etc/passwd (cnMcoK nojib30BaTe/ieM), /etc/shadow 
(3aLun4)poBaHHbie naporm nonb30BaTe/ieM), /etc/group (cnncoK 
rpynn) m /etc/gshadow (3ai±iMct3poBaHHbie naporm rpynn). I/lx 
c|)opMaTbi AOKyMeHTMpyKDTCJR b passwd(5), shadow(5), group(5), m 
gshadow(5) cooTBeTCTBemno. Xota stm cjDaM/ibi MoryT 6biTb 
OTpeAaKTMpoBaHbi BpyHHyio c noMombK) t3kmx MHcrpyMeHTOB, xax 
vipw m vigr, A-rm Bbino/iHeHMA Han6onee pacnpocTpaHeHHbix 
onepauMPi cymecTByiOT HHCTpyMeHTbi 6onee Bbicoxoro ypoBHA. 


5.2.1 Co3A,aHne noAb30BaieAbCKoro aKKayHTa 

HecMOTpa Ha to, hto Kali name Bcero 3anycKaeTCfl, npoBOAfl 
ayTeHTMcjDMKauMH b KanecTBe no/ib30BaTerm root, BaM Macro MO>KeT 
noHaAo6nTbCJR co3AaBaTb HenpnBnnernpoBaHHbie yneTHbie 3anncn 
no/ib30BaTe/iePi no pa3HbiM npMHMHaM, oco6eHHO ecrm Bbi 
ncno/ib3yeTe Kali b KanecTBe ochobhom onepaqMOHHOM cMcreMbi. 
CaMbiM npocToPi cnoco6 Ao6aBMTb no/ib30BaTerm - bto ncno/ib30BaTb 
KOMaHAy adduser, KOTopaa Tpe6yeT onpeAe/ieHHbiPi apryMeHT: hm n 
no/ib30BaTe/ifl (username) A-n^ hoboto no/ib30BaTerm, KOToporo Bbi 
6bi xoTe/iM co3AaTb. 

KoMaHAa adduser 3aAaeT HecKO/ibKO BonpocoB nepeA co3AaHneM 
yneTHoPi 3anncn, ho ee ncno/ib30BaHne AOBO/ibHO npocToe. Ero 
KOHctDMrypauMOHHbiM c|oa mji /etc/adduser.conf coAep>KMT MHO>KecTBO 
MHTepecHbix HacTpoex. Bbi MO>KeTe, HanpMMep, onpeAe/iMTb Anana30H 
MAGHTMcjDMKaTopoB no/ib30BaTe/ieM (user identifiers (UID)), KOTopbiM 
MOweT 6 biTb ncno/ib30BaH A-n^ Toro, HTo 6 bi o6o3HaHMTb ncno/ib3yK)T 
/im no/ib30BaTenn o 6 myK) rpynny m/im HeT, onpeAe/iMTb 060 /iOHKy no 
yMonnaHHK) m MHoroe Apyroe. 

Co3AaHne aKKayHTa 3anycKaeT nony/iauMK) AOMauiHMx AnpeKTopMM 
no/ib30BaTenePi c coAep>KMMbiM Lua6noHa /etc/skel/. 3 to 
npeAOCTaB/iaeT no/ib30BaTe/iK) Ha6op cTaHAapTHbix AnpeKTopMM m 
C|DaMT10B KOHC|3Hrypai4MM. 

B HeKOTopbix c/iynaax 6yAeT oneHb none3HO Ao6aB/iflTb no.nb30BaTe.nfl 
b rpynny (0T/iMHHyK) ot ochobhom rpynnbi no yMO/inaHHK)), HTo6bi 
npeAOCTaBMTb Aono/iHMTe/ibHbie pa3pei±ieHMfl. HanpMMep, 
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no/ib30BaTe/ib, BKAiOHeHHbiM b rpynny sudo, MMeeT no/iHbie 
aflMMHMCTpaTMBHbie npaBa nepe3 sudo KOMaHfly. noAo6Horo 
pe3y/ibTaTa mo>kho aoctmhb c noMombio Mcno/ib30BaHna c/ieAyK>meM 
KOMaHAbi adduser rpynna nonb30BaTenn. 


Mcno/ib30BaHue getent a/ uni o6pameHkm k 6a3e AaHHbix 
no/ib30BaTe/in: KoMaHAa getent (no/iyneHMe 3anncePi (get entries)) 
npoBepjneT cMcreMHbie 6a3bi AaHHbix (BK/uonaa 6a3bi AaHHbix 
no/ib30BaTe/ieM m rpynn) McnoAb3ya cooTBeTCTByKMAMe cfiyHKUMM 
6n6/lMOTeK, KOTOpbie B CBOKD OHepeAb Bbl3blBaK)T MOAy/lH CMCTeMbl 
MASHTMcjDMKauMM MMeH (name service switch (NSS)), HacTpoeHHbie b 
c^aPi/ie /etc/nsswitch.conf. flaHHaa KOMaHAa ncno/ib3yeT oamh mam 
ABa apryMeHTa: mma 6a3bi AaHHbix, KOTopyio Heo6xoAHMO npoBepMTb, 
m B03M0>KHbiM kaioh noncKa. TaKMM o6pa30M, KOMaHAa getent passwd 
kaliuserl BbiAacT MHc^opMaumo M3 nonb30BaTe/ibCKoPi 6a3bi AaHHbix o 
no/ib30BaTe/ie kaliuserl. 


root@kali:~# getent passwd kaliuserl 

kaliuserl:x:1001:1001:Kali User 

,4444,123-867-5309,321-867-5309:/home/kaliuserl:/bin/ 
** bash 


5.2.2 kl3MeHeHne cyw.ecTByKDLiJ.eM yneTHOM 3anncn mam napoAA 

CAeAyKDLUMe KOMaHAbi pa3peiliaK)T M3MeHeHMfl MHC|30pMai4MM, 
XpaHALUeMCA B KOHKpeTHbIX 06 AaCTAX n0Ab30BaTeAbCK0M 6a3bl 
AaHHbix: 

• passwd — n03B0AfleT 06blHHblM n0Ab30BaTeAAM M3MeHflTb CBOM 
napOAb, KOTOpbIM B CBOK) OHepeAb, 06H0BAAeT Ct>aMA /etc/ 
shadow ct>aMA; 

• chfn — (CMeHMTb noAHoe mma (CHange Full Name)), 

3ape3epBMpoBaHHoe aaa cynepnoAb30BaTeAA (root), M3MeH?ieT 
GECOS, mam o6AacTb "o6maa MHC^opMaMMA"; 

• chsh —(CMeHMTb o6oAOHKy (CHange SHell)) M3MeHAeT o6oAOHKy 

BxoAa noAb30BaTeA5n. OAHaKO AOCTynHbie BapuaHTbi 6yAyT 
orpaHMneHbi TeMM, KOTOpbie nepenMCAeHbi b /etc/shells; 

aAMMHMCTpaTOp, C APyrOM CTOpOHbl, He CBA33H 3TMM 

OrpaHMHeHMeM M MO>KeT yCTaHOBMTb 060 A 0 HKy B AK)6yK) 
Bbi6paHHyio nporpaMMy; 
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• chage—(CHange AGE) no3BormeT aAMMHMcrpaTopy i/i3MehmTb 
HacTpoPiKM cpoKa agmctbma naporm, yKa3biBafl mma 
nonb30BaTe/iJR b KanecTBe apryMeHTa m/im OTo6pa>Kafl TeKymMe 
HacTpoPiKM c noMombK) napaMeTpa -I nonb30BaTenb. KpoMeToro, 
Bbi TaK>Ke MO>KeTe npMHyAMTe/ibHO 3aBepi±iMTb Mcno/ib30BaHMe 
naporm c noMombK) KOMaHAbi passwd -e nonb30BdTenb, KOTopaa 
3acTaB/meT no/ib30BaTe/m MeHATb cbom napo/ib npM c/ieAyK>meM 
BxoAe b cMCTeMy. 


5.2.3 BAOKkipoBaHne aKKayHTa 

BaM MOweT noTpe6oBaTbc?i OTK/uoHMTb yneTHyK) 3anncb 
(3a6/iOKnpoBaTb no/ib30BaTe/m) b KanecTBe AncqMn/iMHapHOM Mepbi b 
ue/mx paccneAOBaHHfi m/im npocro b c/iynae A-nuTe/ibHoro m/im 
OKOHH aTe/ibHoro OTcyTCTBMfl no/ib30BaTe/m. 3a6/iOKMpoBaHHafl 
yneTHaa 3anncb 03HanaeT, hto no/ib30BaTe/ib He MO>KeT bomtm b 
CMCT eMy m/im no/iyHMTb AOCTyn k ManiMHe. yneTHaa 3armcb ocTaeTca 
HenoBpe>KASHHOM Ha MauiMHe, m HMKaKMe <£aM/ibi m/im AaHHbie He 
yAa/mKmm; OHa npocTO HeAOCTynHa. 3 to AOcmraeTca c noMombK) 
KOMaHAbi passwd -I no/ib30BaTe/ib (lock). noBTopHoe BK/noneHMe 
yneTHOM 3anMCM Bbino/iHfleTCfl aHa/iomHHbiM o6pa30M c onuMeM -u 
(pa36/iOKMpoBKa). 


5.2.4 YnpaBAeHMe Unix rpynnaMM 

KOMaHAbi addgroup m delgroup Ao6aB/mK)T m/im yAa/miOT rpynny, 
cooTBeTCTBeHHO. KoMaHAa groupmod M3MeHfleT MHcjDopMapMK) o 
rpynne (ee gid m/im MAeHTM^MKaTop). KoMaHAa gpasswdgroup 
M3MeHfleT napo/ib A-ns rpynnbi, a KOMaHAa gpasswd -r rpynna yAa/meT 
ero. 


Pa6oTa c HGCKO/ibKMMM rpynnaMM 

Ka>KAbiM no/ib30BaTe/ib MO>KeT 6biTb H/ieHOM mhotmx rpynn. OcHOBHaa 
rpynna no/ib30BaTe/ieM no yMO/inaHMio co3AaeTc?i bo BpeMA 
Hana/ibHOM HacrpoMKM no/ib30BaTe/m. no yMO/maHMK) Ka>KAbiM ct)aM/i, 
co3AaHHbiM no/ib30BaTeneM, npMHaA-ne>KMT no/ib30BaTe/iK), a TaK>Ke 
ochobhom rpynne no/ib30BaTe/m. 3to He BcerAa >KenaTe/ibHo; 
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HanpMMep, KorAa no/ib30BaTe/ib AO/i>KeH pa 6 oTaTb b AnpeKTopMM, 
pa 3 Ae/iaeMOM rpynnoPi, ot/imhhom ot mx ochobhom rpynnbi. B stom 
c/iynae no/ib30BaTe/iK> Heo 6 xoAHMO M3MeHMTb rpynnbi, ncno/ib3ya 
OAHy H3 c/ieAyKDmnx KOMaHA: newgrp, KOTopaa 3anycKaeT HOByio 
060 /iOHKy m/im sg, KOTopaa npocTO Bbino/ii-meT KOMaHAy, Mcno/ib3yfl 
npeAOCTaB/ieHHyK) a/ibTepHaTMBHyio rpynny. 3tm KOMaHAbi TaK>Ke 
no 3 BO/iflK)T npMcoeAHHMTbca k rpynne, k KOTopoPi ohm b HacToamee 
BpeMA He npMHaA-newaT. Ec/im rpynna 3 amnmeHa napo/ieM, mm 
Heo 6 xoAHMO 6 yAeT npeAOCTaBMTb cooTBeTCTByioiAMPi napo/ib nepeA 

BbinO/lHeHMeM KOMaHAbi. 

B KanecTBe a/ibTepHaTMBbi, no.nb30BaTe.nb MO>KeT ycraHOBMTb setgid 
bit Ha AnpeKTopMK), hto no 3 BO/ifleT c^aPi/iaM, co 3 AaHHbiM b 
AMpeKTopMM, aBTOMaTMnecKM npnHaA-newaTb BepHoPi rpynne. Ana 
no/iyneHMA 6 o/ibiiiePi MHcJ^opMauMM, cmotpm 3 aMeTKy «AMpeKTopnfl 
setgid m sticky bit» [page 58]. 

KoMaHAa id OTo 6 pa>KaeT TeKymee cocTOAHne no/ib30BaTerm, ero 
/iMHHbiPi MASHTMc[)MKaTop (nepeMeHHyio uid), TeKymyK) ocHOBHyio 
rpynny (nepeMeHHyio gid) m cnMcoic rpynn, k KOTopbiM ohm 
npMHaA-newaT (nepeMeHHaa groups). 


5.3 HacTpoMKa c/iy>t<6 

B 3tom pa3Ae/ie Mbi paccMOTpMM c/iy>K 6 bi (MHorAa Ha3biBaeMbie 
ASMOHaMM) m/im nporpaMMbi, KOTopbie pa 6 oTaiOT b c[>ohobom pe>KMMe 
M BbinO/lHflKDT pa3nMHHbie (J)yHKI 4 MM A-n^ CMCTeMbl. Mbl HaHHeM c 
o 6 cy>KAeHMjR KOHcj^nrypaunoHHbix c^aPi/iOB m Aa/iee 33TpoHeM TeMy 
KacaTe/ibHO Toro, KaK pa 6 oTaiOT HeKOTopbie Ba>KHbie c/iy>K 6 bi (TaKMe 
KaK SSH, Post-greSQL m Apache) m KaK mx mo>kho HacrpoMTb. 


5.3.1 HacTpoPiKa KOHKpeTHoPi nporpaMMbi 

Ec/im Bbi xoTMTe HacTpoMTb HeM3BecTHbiPi naKeT, Bbi AO/i>KHbi 
ASMCTBOBaTb nosTanHO. CHana/ia, BaM cneAyeT npoHMTaTb 
AOKyMeHTapMio. npeAOCTaB/ieHHyio HenocpeACTBeHHO 

BKcnnyaTaMMOHHMKOM. Debian c^aPin 

/usr/share/doc/pacfrage/README - AOBO/ibHO TaKM xopomee MecTO 
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Ann Hana/ia. 3tot c^ann name Bcero 6yAeT coAepwaTb HHc^opMaunK) 
o naKeTe, BKmoHan ccbinKn, KOTopbie MoryT nepeHanpaBHTb Bac Ha 
Aono/iHMTe/ibHyK) AOKyMeHTauMK). Bbi BcerAa csKOHOMHTe ce6e MHoro 
BpeMeHM n M36erHeTe yTOMHTenbHon pa6oTbi, npoHi/uaB btot cjDann c 
caMoro Hana/ia, nocKO/ibKy oh Macro AOBO/ibHO AeTa/ibHO onncbiBaeT 
Han6onee pacnpocTpaHeHHbie oi±ih6kh n peweHi/m 6onbi±MHCTBa 
pacnpocTpaHeHHbix npo6neM. 

flanee BaM Hy>KHO 03HaK0MHTbcn c ocbnunanbHon aoK yMeHTaLinen 
AaHHoro nporpaMMHoro o6ecneHeHnn. Mbi OTCbi/iaeM Bac k pa3Aeny 
6.1, «I/Ictohhhkh AOKyMeHTaunn» [cTp. 124] Ann nonyneHHfl 
Aono/iHnTe/ibHbix cobctob o tom, KaKnM o6pa30M nyHLiie ncKaTb 
pa3/inHHbie hctohhhkh AOKyMeHTaunn. KoMaHAa dpkg -L naKer 
npeAOCTaBrmeT cnncoK c^annoB, BKniOHeHHbix b naKeT; Bbi MO>KeTe 
6bicTpo onpeAe/inTb HMeK)i±iyK)Cfl AOKyMeHTaunK) (a TaK>xe c^an/ibi 
KOHc^nrypaLinn, pacno/io>KeHHbie b /etc/). Taioxe, KOMaHAa dpkg -s 
naKer OTo6pa>KaeT MeTaAaHHbie naKeTa n noKa3biBaeT /iK)6bie 
B03M0>KHbie peKOMeHAyeMbie nnn npeA-naraeMbie naKeTbi; TaM Bbi 
MO>KeTe HanTn AOKyMeHTaunK) nnn, bo3mo>kho, yTnnnTy, KOTopan 
o6nernnT HacrponKy nporpaMMHoro o6ecneneHnn. 

HaKOHeu, cjDannbi KOHc^nrypaunn Macro caMOAOKyMeHTnpyiOTcn 
mhothmh noncHnTenbHbiMn KOMMeHTapnnMn, noApo6HO 
onncbiBaiomnMn pa3nnMHbie B03M0>KHbie 3HaneHnn Ann Ka>KAoro 
napaMeTpa KOHc^nrypaunn. B HeKOTopbix cnynanx Bbi MOweTe 
3anycTnTb nporpaMMHoe o6ecneneHne nyTeM pacKOMeHTnpoBaHnn 
OAHon CTpoKn b c^anne KOHC^nrypaunn. B Apyrnx cnynanx npnMepbi 
c|3annoB KOHcj^nrypaunn coAepwaTcn b KaTanore /usr/share/doc 
/package/examptes/. Ohh MoryT cny>KHTb ochoboh A-rm Bamero 
co6cTBeHHoro c^anna KOHc^nrypaunn. 


5.3.2 HacTponKa SSH f\nn yAaneHHoro BXOA,a 

SSH no3BonneT BaM yAaneHHO BxoAnTb b cncTeMy, nepeAaBaTb 
cjDannbi nnn BbinonHflTb KOMaHAbi. 3to craHAapTHbin nHCTpyMeHT (ssh) 
n cny>x6a (sshd) A-nfl yAaneHHoro noAKnioneHnn k MamnHaM. 

B to BpeMn KaK openssh-server naKeT ycTaHOBneH no yMonnaHnio, 
cny>K6a SSH OTKniOMeHa no yMonnaHnio n, TaKnM o6pa30M, He 
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3anyci<aeTCfl ripn 3arpy3Ke CMCTeMbi. Bbi MO>KeTe BpynHyio 3anycTMTb 
cny>K6y c noMombK) KOMaHflbi systemctt start ssh mum BbicraBMTb, 
HTo6bi c/iy>K6a 3anycKanacb npM 3arpy3Ke c noMombK) KOMaHAbi 
systemctt enable ssh. 

C/iy>K6a SSH MMeeT OTHOCMTe/ibHO HopMa/ibHyK) KOHcjDMrypauMK) no 
yMonnaHMK), ho, ynMTbiBaa ee MomHbie bo3mo>khoctm m 
B oenpMMMHMBbiM xapaKTep, 6yAeT oneHb xopomo y3HaTb, hto Bbi 
CMOweTe CAe/iaTb c ee c^aM/iOM KOHcjDMrypauMM, /etc/ssh/sshd_ config. 
Bee napaMeTpbi 3aAOKyMeHTMpoBaHbi b sshd_config (5). 

KoH^MrypauMjR no yMO/inaHMio He pa3peniaeT bxoa A-rm no/ib30BaTe.nfl 
c noMombK) naporm, hto 03HanaeT, hto Bbi cHanana AO/i>KHbi 
ycTaHOBMTb SSH k/ikdh c noMombK) ssh-keygen. Bbi MO>KeTe 
pacniMpMTb 3 to npaBO Ha Bcex no.nb30BaTe.neM, ycTaHOBMB 
PasswordAuthentication Ha no, m/im Bbi MO>xeTe cHATb bto 
orpaHMneHMe, M3MeHMB PermitRootLogin Ha yes (BMecTO 
CTaHAapTHoro 3anpeTa-napo/ifl). 

C/iy>K6a SSH npocnyuiMBaeT no yMO/inaHMK) Ha nopTy 22, ho Bbi 
MO>KeTe M3MeHMTb 3 to c noMombK) AHpeKTMBbi Port. HT06bl npMMeHMTb 
HOBbie HacTpoPiKM, Bbi AO/i>KHbi 3anycTMTb KOMaHAy systemctt reload 
ssh. 


Co3flaHMe HOBbix KTnoneH SSH Host 

Ka>KAbiM SSH cepBep MMeeT cbom co6cTBeHHbie KpMnTorpacjDMHecKMe 
k/ikdhm, KOTopbie Ha3biBaiOTCfl "SSH host keys" m xpaHATca b 
/etc/ssh/ssh_host_*. Ohm AO/i>KHbi 6biTb npMBaTHbiMM, ec/iM BaM 
Tpe6yeTCJR KOHcj^MAeHMMa/ibHOCTb m He MoryT Mcno/ib30BaTbCA Ha 
HeCKO/lbKMX MaLUMHaX. 

npM ycTaHOBKe Baiuei/i CMCTeMbi nyTeM KonMpoBaHMfi no/iHoro o6pa3a 
AMcxa (BMecTO Mcno/ib30BaHM?i debian- installer) o6pa3 MOweT 
coAep>KaTb npeABapMTe/ibHO creHepMpoBaHHbie SSH k/ikdhm xocTa, 
KOTOpbie Bbi AO/l>KHbl 33MeHMTb Ha BHOBb CreHepMpOBaHHbie K/1IOHM. 
Bo3mo>kho, o6pa3 Taioxe coasp>kmt m napo/ib root no yMO/inaHMK), 
KOTOpbIM Bbi 3aXOTMTe c6pOCMTb OAHOBpeMeHHO. Bbi MO>KeTe CAe/iaTb 
Bee 3T0 C nOMOLAbK) C/ieAyKDLAHX K0M3HA■ 
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tf passwd 

[...] 

# rm /etc/ssh/ssh_host_* 

# dpkg-reconfigure openssh-server 

# service ssh restart 
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5.3.3 HacTpoMKa PostgreSQL 6a3 AaHHbix 


PostgreSQL flBrmeTCfl cepBepoM 6a3bi AaHHbix. Oh peAKO 6biBaeT 
no/ie3eH caM no ce6e, ho i/icno/ib3yeTCfl mhothmh apythmh c/iy>K6aMn 
A-rm xpaHeHi/m AaHHbix. 3 th c/iy>K6bi o6bi«-mo no/iynaiOT AOCTyn k 
cepBepy 6a3bi AaHHbix nepe3 ceTb n Tpe6yiOT yneTHbie AaHHbie A-na 
ayTeHTHC^MKaumR, HT06bl MMeTb B03M0>KH0CTb nOAKJlKDHMTbCfl. TaKMM 
o6pa30M, i\y\n Hacrponicn bthx cny>K6 Tpe6yeTca co3AaHne 6a3 
AaHHbix PostgreSQL i/i yneTHbix 3anncen no.nb30BaTe.nen c 
cooTBeTCTByKDLUHMM npaBaMM b 6a3e AaHHbix. HTo6bi 3 to CAenaTb, HaM 
Hy>KHO, HTo6bi c/iy>K6a 6bma 3anymeHa, noaTOMy AaBanTe HaHHeM c 
KOMaHAbi systemctt start postgresqt. 


noflflep>KKa MHOwecTBa eepcuM PostgreSQL 

riaxeT PostgreSQL no3BO/iaeT coBMecTHO ycraHaB/inBaTb Hecxo/ibKO 
BepcMM cepBepa 6a3bi AaHHbix. Taioxe bo3mo>kho o6pa6aTbiBaTb 
Hecxo/ibKO K/iacTepoB (K/iacTep npeACTaBrmeT co6on Ha6op 6a3 
AaHHbix, o6c/iy>KHBaeMbix oahhm h TeM >xe nocTMacTepoM). HTo6bi 
AOCTMHb 3Toro c^an/ibi KOHcjonry pai-inn Aon>KHbi xpaHMTbca b c)oaM/ie 
/etc/postgresq l/version/cl uster-na me/. 

[\nn toto HTo6bi K/iacTepbi 3anycKa/incb 6ok o 6ok, Ka>KAOMy hobomy 
K/iacrepy npncBanBaeTCfl cneAyiOLUHH HOMep AOCTynHoro nopTa 
(o6bNHO 5433 A-rm BToporo K/iacTepa). Oan/i postgresql.service 
npeACTaBJifleT co6on nycryio 060/iOHKy, hto ynpomaeT pa6oTy co 
BceMH K/iacrepaMM, nocKO-nbicy KawAbiPi K/iacTep MMeeT cboh 
co6cTBeHHbm 6 /iok (postgresql @ version- cluster .service). 


Tun noflK/noHeHMfl n ayTeHTucf^M tea lima K/ineHTa 

no yMonnaHHK) PostgreSQL npocnymi/iBaeT BxoA^mne coeAMHeHHfl 
AByM n cnoco6aMn: Ha TCP-nopTy 5432 MHTep<t>enca noKa/ibHoro 
xocTa n Ha cJoan/iOBOM coxeTe /var/run/postgresql/.s.PGSQL.5432. 
3 to MO>xeT 6biTb cKOHcf)MrypMpoBaHO b postgresql.conf c pa3/wHHbiMM 
AHpeKTMBaMi/i: Iisten_addresses A-n^ aApecoB A-rm npoc/iyLUHBaHHfl, 
port Ann TCP-nopTa n unix_socket_directories Ann onpeAe/ieHna 
AnpeKTopnn, b kotopoh 6yAyT co3AaHbi cj^aPmoBbie coiceTbi. 
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B 3aBHCMM0CTM OT TORD, K3KMM 06pa30M OHM flOflK/lKDHaiOTCfl, K/lMeHTbl 
npoxoflj^T ayTeHTMcf)MKauMK) pa3/iMHHbiMM cnoco6aMM. cDaPi/i 
KOHcf)MrypauMM pg_hba.conf onpeAermeT, KOMy pa3penieHO 
nOAK/lKDHaTbCfl K K3>KA0My COKeTy M KaK OHM ayTeHTMCf)MUMpyK)TC}l. no 
yMO/iHaHMK) coeAHHeHMjq b cf)aM/iOBOM coKeTe Mcno/ib3yK)T yneTHyK) 
3anMCb nonb30BaTejiJi Unix b KanecTBe mmchm nojib30BaTe/ifl 
PosgreSQL m npeAno/iaraiOT, hto Aa/ibHePiLuafl npoBepKa 
noA/iHHHOCTM He Tpe6yeTca. B coeAHHeHMM TCP PostgreSQL Tpe6yeT 
ot no.nb30BaTe.rm ayTeHTMc|)MKai4MM c noMombK) ziorMHa m napo/m 
(xota 3to He Unix mm n no/ib30BaTe/m m napo/ib, a cKopee yneTHbie 
AaHHbie, perynMpyeMbie caMOM PostgreSQL itself). no/ib30BaTe/ib 
postgres AB/meTca oco6eHHbiM m o6/iaAaeT no/iHbiMM 
aAMMHMCTpaTMBHbIMM npaBaMM, KOTOpbie pacnpOCTpaH^KDTCJR Ha Bee 
6a3bi AaHHbix. Mbi 6yAeM Mcno/ib30BaTb btot MAeHTMc^MKaTop A-na 
co3AaHMjq HOBbix no.nb30BaTe.neM m HOBbix 6a3 AaHHbix. 

Co3flaHMe no/ib30BaTe/ieM m 6a3 AaHHbix 

KoMaHAa createuser Ao6aB/meT HOBoro no/ib30BaTe/m, a dropuser 
yAa/meT ero. AHa/iorMHHO, KOMaHAa createdb Ao6aB/meT HOByio 6a3y 
AaHHbix, a dropdb yAa/meT ee. Ka>KAafl M3 btmx KOMaHA MMeeT cbom 
C 06 CTBeHHbie CTpaHMUbl pyKOBOACTBa, HO Mbl 06 cyAHM HeKOTOpbie M3 
BapMaHTOB 3Aecb. KawAaa KOMaHAa AePicTByeT Ha K/iacrrepe no 
yMO/inaHMK) (pa6oTaeT Ha nopTy 5432), ho Bbi MO>KeTe yKa3aTb — 
port =port i\ns\ Toro, HTo6bi M3MeHMTb no/ib30BaTe/ieM m 6a3bi AaHHbix 
a/ibTepHaTMBHoro K/iacTepa. 3tm KOMaHAbi AO/i>KHbi noAK/iKmaTbca k 
cepBepy PostgreSQL, HTo6bi Bbino/iHATb nocraB/ieHHbie nepeA hmmm 
33AaHM AO/l>KHblM 06pa30M, M T3K>Ke OHM AO/l>KHbl 6blTb 
ayTeHTMcj^MUMpoBaHbi b KanecTBe no/ib30BaTe/m c AOCTaTOHHbiMM 
no/iHOMOHMAMM A-rm BbinonHeHMjq yi<a3aHHOM onepauMM. CaMbiPi 
npocTOM cnoco6 Ao6MTbca 3Toro - Mcno/ib30BaTb yneTHyio 3anMCb 
postgres Unix m noAK/noHMTbCfl k c^aM/iOBOMy COKeTy: 


# su - postgres 
$ createuser -P kingphisher 

Enter password for new role: 

Enter it again: 

$ createdb -T templates -E UTF-8 -0 king_phisher kingphisher 
$ exit 


B 3tom npMMepe onuMA -P npocMT createuser 3anpocMTb napo/ib cpa3y 
>xe noc/ie co3AaHMfl HOBoro no/ib30BaTe/m king_phisher. 
PaccMaTpMBaji KOMaHAy createdb, -O onpeAe/meT no/ib30BaTe/m, 
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BnafleKDinero hobom 6a30H AaHHbix (KOTopaa, t3khm o6pa30M, HMeeT 
no/iHbie npaBa Ha co3AaHne Ta6/inu h npeAOCTaB/ieHHe pa3pei±ieHHPi 
h t. A-)- Mbi Tai<>Ke xothm Hcno/ib30BaTb ctpokh Unicode, noaTOMy Mbi 
Ao6aB/iaeM napaMeTp -E UTF-8 A-rm ycraHOBKH koahpobkh, hto, b 
cbokd onepeAb, Tpe6yeT ot Hac ncno/ib30BaTb napaMeTp -T A-rm 
Bbi6opa Apyroro Lua6/iOHa 6a3bi AaHHbix. 

Tenepb Mbi MOweM npoBepnTb, hto Mbi noAK.moHn.ni/icb k 6a3e AaHHbix 
nepe3 coKeT, npoc/iyi±iHBaK)LUHPi localhost (-h localhost), b KanecTBe 
nonb30BaTe/ijR king_phisher (-U king_phisher): 


# psql -h localhost -U king_phisher kingphisher 

Password for user king_phisher: 
psql (9.5.2) 

SSL connection (protocol: TLSvl.2, cipher: ECDHE-RSA-AES256-GCM-SHA384, bits: 256, 
compression: off) 

Type "help" for help. 

king_phisher=> 


Kai< Bbi MO>KeTe BHASTb, coeAHHeHHe 6bmo npoBeAeHO ycneniHO. 

YnpaB/ieHMe K/iacTepaMii PostgreSQL 

Bo-nepBbix, ctoht OTMeTHTb, hto noHATne «K/iacTep PostgreSQL» 
AB/iaeTCfl oco6eHHbiM Aono/iHeHi/ieM Debian h hto Bbi He HaPiAeTe 
ccbi/iKH Ha 3tot TepMHH b ocf)nuna/ibHOH AOKyMeHTaunn PostgreSQL. 
C tohkh 3peHna HHCTpyMeHTOB PostgreSQL TaicoPi K/iacrep 
npeACTaB/iaeT co6oPi Bcero nmub 3K3eMnrmp cepBepa 6a3bi AaHHbix, 
pa6oTaK)mero Ha onpeAe/ieHHOM nopTy. 

TeM He MeHee, naKeT Debian postgresql-common npeAOcraB/ifleT 
HecKonbKO HHCTpyMeHTOB A-n^ ynpaBneHHjq tokhmh K/iacrepaMH: 
pg_createctuster, pg_dropctuster, pg_cttctuster, pg_upgradecluster, 
pg_renamectuster h pg_tsctusters. Mbi He 6yAeM onncbiBaTb Bee bth 
HHCTpyMeHTbl 3 Aecb, HO Bbi MO>KeTe 06paTHTbCfl K HX 
cooTBeTCTByioiAHM cTpaHHpaM pyKOBOACTBa Ann no/iyneHHfl 
AononHHTe/ibHoPi HHCj^OpMaUHH. 

Bbi Aon>KHbi 3HaTb, hto npn ycraHOBKe hoboPI Bepcnn PostgreSQL b 
BamePi cHCTeMe, OHa co3AacT HOBbiPi K/iacrep, KOTopbiPi 6yAeT 
pa6oTaTb Ha c/ieAyromeM nopTy (o6biHHO 5433), h Bbi 6yAeTe 
npoAO/i>KaTb Hcnonb 30 BaTb crapyio Bepcnio ao Tex nop, noKa Bbi He 
nepeHecHTe cboh 6 a 3 bi AaHHbix H 3 cTaporo K/iacrepa Ha HOBbiPi. 
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Bbi MOweTe no/iyHMTb cnncoK Bcex K/iacrepoB m mx cTaTyc c noMombK) 
pg_tsctusters. Bonee b3>kho to, hto Bbi MO>KeTe aBTOMaTM3npoBaTb 
nepeHOc Bamero K/iacTepa b noc/ieAHK)K) BepcMio PostgreSQL c 
noMombK) KOMaHAbi pg_upgradecluster crapafj-Bepcnfj UMH-Knacrepa 
( old-version cluster-name). Ann Toro HTo6bi 3Ta npoueAypa 
yBeHHanacb ycnexoM, Bbi AO/i>KHbi cHana/ia yAa/iMTb (nycroi/i) 
K/iacTep, KOTopbiM 6bm co3AaH f\nn hoboPi BepcMM (c noMombK) 
KOMaHAbi pg_dropctuster HOBan-Bepcun nMfj-K/iacrepa ( new-version 
cluster-name )). CrapbiPi K/iacrep He Bbi6pacbiBaeTca npoueccy, ho oh 
TaK>xe He 6yAeT 3anymeH aBTOMaTMnecKM. Bbi MO>KeTe c6pocnTb ero, 
Kax TO/ibKO y6eAHTecb b tom, hto o6HOB/ieHHbiPi K/iacrep pa6oTaeT 
AO/l>KHblM 06pa30M. 


5.3.4 HacTpoMKa Apache 

Tnni/NHafl ycTaHOBKa Kali Linux BK/iionaeT b ce6a Be6-cepBep Apache, 
npeAOCTaB/iaeMbiPi naiceTOM apache2. ByAyHM ceTeBoPi cny>K6oPi, oh 
no yMO/inaHHK) OTK/noneH. Bbi MO>KeTe 3anycTMTb ero BpynHyio c 
noMombK) systemctt start apache2. 

nocKO/ibKy Bee 6 o/ibiuee KO/iMnecTBO npn/io>KeHMM 
pacnpocTpaH^KDTCjq Kax Be 6 -npnno>KeHM?i, oneHb b3>kho MMeTb 
6a30Bbie 3 H 3 HHS 1 06 Apache f\nn Toro, HTo 6 bi pa 3 MemaTb bth 
npn/io>KeHH5q, 6 yAb to i\nn noKa/ibHoro Mcno/ib30BaHMfl v\nv\ f\nn mx 
AOCT ynHOCTM no ceTM. 

Apache nsnneTcn MOAy/ibHbiM cepBepoM, m MHome cJoyHKUMM 
pea/lM3yK)TC5q BHeillHMMM MOAy-n^MM, KOTOpbie 3arpy>KaK)TC5q OCHOBHOM 
nporpaMMoPi bo BpeMA ero MHMUMa/iM3auMM. KoHcjoMrypauMfl no 
yMonnaHMK) BK/iionaeT TO/ibKO caMbie pacnpocrpaHeHHbie MOAy/in, ho 
BK/iioneHMe HOBbix MOAy.nePi zierKO Bbino/iHfleTCfl c noMombK) 3anyci<a 
a2enmod MO/jyrw. Tai<>Ke Bbi MO>KeTe Mcno/ib30BaTb a2dismod MO/jy/ib 
A.rm OTK/noHeHMjq MOAy/i^. 3tm nporpaMMbi Ha caMOM Ae/ie TO/ibKO 
co3AaK)T (m/im yAarmiOT) cMMBO/ibHbie ccbi/iKM b /etc/apache2/mods- 
enabted/, yi<a3biBafl Ha cjoaKTMnecKMe c^aPi/ibi (xpaHAiAMeca b 
/etc/apache2/mods-avaitabte/). 

CymecTByeT MHoro MOAy/iePi, ho Aaa M3 hmx 3acny>KMBaK)T 
nepBOHana/ibHoro paccMOTpeHMa: PHP m SSL. Be6-npM/io>KeHMfl, 
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HarmcaHHbie Ha PHP, Bbino/iHflKrrcfl Be6-cepBepoM Apache c 
noMombK) BbiAeneHHoro MOAy/ia, npeAOCTaBrmeMoro naKeTOM 
libapache-mod-php, m ero ycraHOBKa aBTOMaTMnecKM BK/iKDHaeT 
MOAy/ib. 

Apache 2.4 BK/iKJHaeT b ce6 n MOAy/ib SSL, KOTopbiM Heo6xoAHM Ann 
o6ecneHeHi/m 6e3onacHoro HTTP (HTTPS). CHana/ia ero HywHO 
BK/iKDHMTb c noMombK) a2enmod ssl, 3aTeM b cjoan/ibi KOHc^MrypauMM 
AO/i>KHbi 6biTb Ao6aB/ieHbi Heo6xoAHMbie AHpeKTMBbi. npMMep 
KOHc^MrypauMH npeACTaB/ieH b /etc/apache2/sites-available/default- 
ssl.conf. 

TaK>Ke cmotpm: 

http://httpd.apache.Org/docs/2.4/mod/mod_ssl.html 

no/iHbii/i cnncoK cTa has Pth bix Apache MOAy-nePi MO>KeT 6biTb HaPiAeH 
OHnaPiH Ha 

http://httpd.apache.Org/docs/2.4/mod/index.html 

I/Icxoaa m3 Hana/ibHbix HacTpoeK no yMO/inaHMK) Be6-cepBep 
npocnyuiMBaeT nopT 80 (KaK HacrpoeHO b / etc / apache2 / ports.conf) 
m no yMonnaHMK) 3arpy>KaeT cTpaHMUbi M3 KaTa/iora / var / www / html 
/ (KaK yKa3aH0 B/etc/apache2/sites-enabled/000-default.conf). 

HaCTpOMKa BMpTya/lbHblX XOCTOB 

BMpTya/lbHblM XOCT flBJlfleTCfl AOnO/lHMTe/lbHOM MAGHTMCfjMKaUMeM A-nfl 
Be6-cepBepa. Oahh m tot we npoqecc Apache MOweT o6c/iy>KMBaTb 
HecKO/ibKO Be6-caMT0B (HanpMMep, www.kali.org m www.offensive- 
security.com), nocKO/ibKy HTTP-3anpocbi BK/iKDHaKrr b ce6n KaK mmjr 
3anpaniMBaeMoro Be6-caMTa, TaK m ziOKa/ibHyK) nacTb URL (3Ta 
c|3yHKMM?i Ha3biBaeTca name-based virtual hosts). 

KoHc(3Mrypai4Mfl no yMO/inaHMK) Ann Apache 2 BKnKDHaeT BMpTya/ibHbie 
xocTbi Ha ocHOBe MMeHM. KpoMe Toro, BMpTya/ibHbiM xoct no 
yMonnaHMK) onpeAe/iaeTCfl b cj^aMne /etc/apache2/sites-enabled/000- 
default.conf; btot BMpTya/ibHbiM xoct 6yAeT Mcno/ib30BaTbCfl, ec/iM He 
H3MASH XOCT, COOTBeTCTByKDLUMM 3anpOCy, OTnpaBneHHOMy K/lMeHTOM. 
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Ba>KHO 3H3Tb 



3anpocbi OTHOCMTe/ibHO HeM3BecTHbix Bi/ipTya/ibHbix xoctob 
B cerfla 6yflyT o6c/iy>Ki/iBaTbCfl nepBbiM onpeAenem-ibiM 
BHpTya/ibHbiM xoctom, no3TOMy naiceT OTnpaB/iaeT 000-default, 
conf, ct^aM/i KOH(f)Mrypai4MM, KOTopbM copTupyeT nepBbiPi cpeAn Bcex 
Apyri/ix c^aPi/iOB, KOTopbie Bbi Momi/i 6bi co3AaTb. 


3aTeM Ka>KAbiM BupTya/ibHbiPi xoct oni/icbiBaeTca c^aM/iOM, 
xpaHfuuMMCfi b /etc/apache2/sites-available/. 06bNHO c^aPi/i 
Ha3biBaeTca MMeHeM xocTa caPua, 3a KOTopbiM cnenyej cyc^c^MKc .conf 
(HanpuMep: www.example.com.conf). 3aTeM Bbi MO>KeTe BK/iK)HMTb 
HOBbiM BupTya/ibHbiPi xoct c noMOLAbK) a2ensite www.example, kom. 
Hn>Ke npHBeAeHa Mm-mMa/ibHaa KOHc^urypaMi/m BMpTya/ibHoro xocTa 
A-rm Be6-caPiTa, c^aPi/ibi KOToporo xparmTCfl b /srv/www. 
example.com/www/ (onpeAe.rmeTCfl c noMombK) napaMeTpa 
DocumentRoot): 


<VirtualHost *:80> 

ServerName www.example.com 
ServerAlias example.com 
DocumentRoot /srv/www.example.com/www 
</VirtualHost> 


Bbi TaK>Ke MO>KeTe paccMOTpeTb B03M0>KH0CTb Ao6aBneHi/m a^PSkti/ib 
CustomLog n ErrorLog A-rm HacrpoMKi/i Apache A-nfl BbiBOAa wypHa/iOB 
b c^aM/ibi, KOTopbie npeAHa3HaneHbi A-rm BHpTya/ibHoro xocTa. 

06114 kie RHpeKTHBbl 

B 3tom pa3Ae/ie KpaTKO paccMaTpi/iBaKrrcfl HeKOTopbie 1/13 o6bNHO 
ucno/ib3yeMbix KOHc^urypaunoHHbix HacTpoeK Apache. 

OCHOBHOM Cf)aM/l KOHCj^UrypaUMM 06 bNH 0 BK/UOHaeT HeCKO/lbKO 6 /iokob 
D irectory; ohh no3BormK)T yKa3biBaTb pa3Hbie Ti/mbi noBeAem/m A-rm 
cepBepa b 3aBncMM0CTM ot MecTono.no>KeHMfl dpawna, KOTopbiPi 6yAeT 
o6c/iy>KMBaTbCfi. Taxoi/i 6 /iok o6bNHO BK/uonaeT b ce6 n AnpeKTMBbi 
AllowOverride 1/1 Options: 
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<Directory /var/www> 

Options Includes FollowSymLinks 
AllowOverride All 

Directorylndex index.php index.html index.htm 
</Directory> 


flupeKTUBa Directorylndex coAep>KHT cnncoK cfoa mjhob, KOTopbie 
Hy>KHO nonpo6oBaTb, Kor^a K/ii/ieHTCKi/iPi 3anpoc cooTBeTCTByeT 
AkipeKTHBe. nepBbiM cymecTByK)LunPi (t>aPm b cnucKe ncno/ib3yeTCfl n 
OTnpaB/ijqeTCjq KaK otbct. 

flkipeKTUBa Options c/ieflyeT cnncoi< napaMeTpoB Ann BK/iKDHeHmr 
3HaneHne None OTK/iKDnaeT Bee napaMeTpbi; cooTBeTCTBeHHO, All 
BK/iKDHaeT nx Bee, KpoMe MultiViews. flocrynHbie onunn BK/iK)HaK)T b 
ce6fl: 

1. ExecCGI — 03HanaeT, hto CGI CKpnnTbi MoryT 6biTb Bbino/iHeHbi; 

2. FollowSymLinks — coo6maeT cepBepy, hto ci/iMBO/ibHbie ccbmKi/i 
pa6oTaK)T m, hto OTBeT Aon>KeH coflep>KaTb KOHTeHT noflo6HoPi 
ueneBoPi ccbi/iKi/i; 

3. SymLinksIfOwnerMatch — TaK>Ke coo6maeT cepBepy c/ieAOBaTb 
CMMBO/ibHbiM ccbi/iKaM, ho TO/ibKO TorAa, KorAa ccbi/iKa h ee ue/ib 
HMeKDT oahoto m Toro >xe BnaAe/ibua; 

4. Includes — BK/iK)HaeTSen/er Side Includes (SSI). 3to 
AH peKTHBbl, BCTpoeHHbie B HTML CTpaHHUbl, KOTOpbie 
MOMeHTa/ibHO Bbino/iHj^KDTCJi f\r\9\ Ka>KAoro 3anpoca; 

5. Indexes — coo6maeT cepBepy o cnucKe coAepwi/iMoro KaTa/iora, 
ec/in HTTP-3anpoc, OTnpaB/neHHbiPi K/ii/ieHTOM, yKa3biBaeT Ha 
KaTanor 6e3 hhaskchoto cjoan/ia (to ecTb, KorAa b btom KaTa/iore 
He cymecTByeT c|)aPi.noB, ynoMAHyTbix aupsktmboh 
Directorylndex); 

6. MultiViews — pa3pemaeT comacoBaHi/ie KOHTeHTa; bto MO>KeT 
6biTb ncno/ib30BaHO cepBepoM Ann B03BpaTa Be6-CTpaHi/iubi, 
cooTBeTCTByKDmePi npeAnoHHTaeMOMy A3biKy, KaK bto yKa3aHO b 
6pay3epe. 

Tpe6oBaHne ayTenTMC^MKauMn B HeKOTopbix c/iynaax AOCTyn k 
nacTH Be6-caPiTa Aon>KeH 6biTb n3MeHeH, nosTOMy AOCTyn k 
coAep>KHMOMy npeAOCTaB/uqeTCJi TO/ibKO jiera/ibHbiM no/ib30BaTe/iflM, 
KOTopbie npeAOCTaB/ijqKDT hma no/ib30BaTe/ifl h napo/ib. 
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OaPm .htaccess coAep>KMT AnpeKTMBbi KOHc|3Mrypai4MM Apache, 
KOTopbie npnMeHfiK)Tc?i Ka>KAbiPi pa3, Konaa 3anpoc o6pa6aTbiBaeT 
3/ieMeHT M3 AMpeKTopMM, b kotopom xpaHMTCjR c^ann .htaccess. 3tm 

AMpeKTMBbl flB/lflK)TCfl peKypCMBHbIMM, paCLUMpflfl 06 /iaCTb AeMCTBMfl 
Ha Bee cy6-AMpeKTopMM. 

EO/lbLUMHCTBO AHpeKTMB, KOTOpbie MOryT BbinOJlHflTbCfl B 6/lOKe 
Directory, T3K>Ke flBrmKrrcfl ziera/ibHbiMM b cjoaM/ie .htaccess. B 
AMpeKTMBe AllowOverride nepeHMc/ieHbi Bee napaMeTpbi, KOTopbie 
MO>KHO BK/IKDHMTb M/1M OTK/lKDHMTb nO nyTM .htaCCeSS. 06bNHblM 
Mcno/ib30BaHMeM 3tom onuMM flBrmeTCfl orpaHMneHMe ExecCGI, t3kmm 
06pa30M, HT 06 bl aAMMHMCTpaTOp Bbl6Mpa/l, K3KMe n0/lb30BaTe/lM 
MoryT 3anycKaTb nporpaMMbi noA MASHTMcfjMKaTopoM Be6-cepBepa 
(nonb30BaTe/ib www-data). 

flpuMep 5.3 Qatin .htaccess Tpe6yer ayrei-iTMcpMKaLiMto 


Require valid-user 
AuthName "Private directory” 

AuthType Basic 

AuthllserFile /etc/apache2/authfiles/htpasswd-private 


5a30Ban ayTeHTn4>MKai4nyi He npeflOCTaB/meT flocraTOWHyio 
6e3onacHOCTb 

CMCTeMa ayTeHTMcf)MKauMM, Mcno/ib3yeMafl b npMBeASHHOM Bbime 
npMMepe (Basic), MMeeT MMHMMa/ibHyK) cTeneHb 6e3onacHOCTM 
nocKO/ibKy napo/ib OTnpaB/ifleTCfl b AOCTynHOM m OTKpbiTOM Teiccre (oh 
TO/ibKO KOAHpyeTca Kax base64, hto AB.rmeTCfl npocToPi koaupobkom, 
a He MeTOAOM LUMctDpoBaHMfl). CneAyeT Taioxe OTMeTMTb, hto 
AOKyMeHTbl, 3aLAMLAeHHbie 3TMM MexaHM3MOM, T3K>Ke npOXOA^T Hepe3 
ceTb b AOBO/ibHO OTKpbiTOM bmag- Ec/im B3>KHa 6e30naCH0CTb, Becb 
HTTP-ceaHc AO/i>KeH 6biTb 3ai±iMc|3poBaH c noMombK) Transport Layer 
Sequence (TLS). 


OaM/i /etc/apache2/authfiles/htpasswd-private coagp>kmt cnncoK 
no/ib30BaTe/ieM m naponeu; ero o6biHHO o6pa6aTbiBaK)T c noMombio 
KOMaHAbi htpasswd. HanpMMep, A-rm Ao6aB/ieHMfl no.nb30BaTe.rm m/im 
M 3MeHeHMa napo/m Mcno/ib3yeTCA cneAyKDinafl KOMaHAa: 
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# htpasswd /etc/apache2/authfiles/htpasswd-private user 

New password: 

Re-type new password: 

Adding password for user user 


OrpaHMHeHMe aocryna flupeKTuea Require directive ynpaB/iaeT 
orpaHHHeHMflMM AOCTyna A-na AnpeKTopMM (m ee cy6-AHpeKTopMM, 
peKypcMBHo). 

3Ty AupsKTHBy mo>kho ucnonb30BaTb A-na orpaHMneHMfl AOCTyna no 
MHori/iM KpuTepMfiM; Mbi ocTaHOBMMCfi Ha oni/icaHi/m orpaHMHeHMA 
AOCTyna Ha ocHOBe IP-aApeca K/iMeHTa, ho ero mo>kho CAe/iaTb 
ropa3AO 6o/iee MomHbiM, oco6eHHO ec/iM HecKO/ibKO ahpoktmb 
Require comacoBaHbi b 6/iOKe RequireAll. 

HanpHMep, Bbi MO>KeTe orpaHMHMTb AOCTyn k ziOKa/ibHOM ceTM c 
noMombK) c/ieAyK)mePi AnpeKTMBbi: 


Require ip 192.168.0.0/16 


5.4 ynpaB/iehme c/iy>K6aiv\M 

Kali ncno/ib3yeT systemd KaK cbokd MHMUMa/iM3MpyK)LAyK) cMcreMy, 
KOTopaa He mnbKO OTBenaeT 3a noc/ieAOBaTenbHOCTb 3arpy3KM, ho 
TaK>Ke nocTOJRHHO BbicTynaeT b KanecTBe no/iHOcj^yHKUMOHa/ibHoro 
MeHeA>Kepa c/iy>K6, KOTopbiPi 3anycKaeT m KOHTpo/iMpyeT c/iy>K6bi. 

systemd mo>kho 3anpaninBaTb m KOHTpo/ii/ipoBaTb c noMombK) 
systemctl. 5e3 KaKnx-^n6o apryMeHTOB oh 3anycKaeT KOMaHAy 
systemctl list-units, KOTopaa bwboaht cnMcoic aKTi/iBHbix crpyKrypHbix 
sjiqmqhtob . Ec/im Bbi 3anycTMTe systemctl status, Ha BbixoAe 6yAeT 
noKa3aH MepapxMnecKMM o63op pa6oTaK)i±iMx c/iy>K6. CpaBHMBaa 06a 
BbixoAa, Bbi cpa3y bmamtc, hto cymecTByeT HecKO/ibKO bmaob 
CTpyKTypHbIX 3/ieMeHTOB, M HTO C/iy>K6bl 9\BH9\[OTC9\ /lMLUb OAHMM M3 
HMX. 

Ka>KAafl cny>K6a npeACTaB/ieHa cny>Ke6HbiM crpyKTypHbiM 3/ieMeHTOM , 
KOTopbiM onucbiBaeTca cny>Ke6HbiM c^ai/moM, o6biHHO OTnpaB/ieHHbiM 
b / lib / systemd / system / (m/im / run / systemd / system /, m/im / 
etc / systemd / system /; ohm nepeHMc/ieHbi nyTeM yBe/iMneHMA 
nop^AOK b3>khoctm, rAe noc/ieAHMM nBnneTcn caMbiM Ba>KHbiM). 
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Ka>KflblM H3 H MX MO>KeT 6blTb M3MeHeH flpyrMM CjDaPi/lOM MMfJ-C/iy>K6bl 
.service.d/*.conf b tom we Ha6ope AnpeKTopMM. 3tm cjoaM/ibi 9\Bn9\\ojcn 
npocTbiMn TeKCTOBbiMn c^ai/maMM, nePi cj^opMaT BAOXHOB/ieH xopomo 
M3BecTHbiMn ct>aM/iaMM "*.ini" b Microsoft Windows, c napaMM key = 
value crpynm/ipoBaHHbiMM MewAy [section] 3aro/iOBKaMM. 3Aecb Mbi 
bmamm npuMep c/iy>Ke6Horo cjDaPma Ann /lib/ 
systemd/system/ssh.service: 


[Unit] 

Description=OpenBSD Secure Shell server 

Afte r=netwo rk.ta rget auditd.se rvice 

ConditionPathExists=!/etc/ssh/sshd_not_to_be_run 

[Service) 

EnvironmentFile=-/etc/default/ssh 
ExecStart=/usr/sbin/sshd -D $SSHD_0PTS 
ExecReload=/bin/kill -HUP SMAINPID 
KillMode=process 
Restart=on- failure 
RestartPreventExitStatus=255 
Type=notify 

[Install) 

WantedBy=multi-user.target 
Alias=sshd.service 


UeneBbie cTpyKTypHbie 3/ieMeHTbi flBrmiOTCfl HacTbK) AH3aPiHa 
systemd. Ohm npeACTaB/iaiOT we/iaeMoe cocroflHMe, KOTopoe Bbi 
XOTMTe AOCTMHb MCXOA^ M3 aKTMBMpOBaHHbIX 3/ieMeHTOB (HTO 
03HanaeT pa6oTaK)myK) c/iy>K6y b OTHomeHMM cnywe6Horo 3/ieMeHTa). 
Ohm cymecTByKDT maBHbiM o6pa30M KaK cnoco6 rpynnMpoBKM 
3aBMCMMOCTeM ot ApyrMx 3/ieMeHTOB. KorAa cMCTeMa 3anycKaeTca, 
OHa no3BormeT 3/ieMeHTaM, Tpe6yeMbiM unn AOCTMweHMfl 
default.target (KOTopaa AB/iaeTCfl cMMBO/ibHOM ccbmKOM Ha 
graphic.target m, b cbokd onepeAb, 33bmcmt ot multi-user.target). 
TaKMM 06pa30M, Bee 3aBMCMMOCTM 3TMX Lie/iePi aKTMBMpyiOTCfl BO 
BpeMfl 3arpy3KM. 

noAo6Hbie 33BMCMM0CTM BbipawaKrrca c noMOLUbK) AHpeKTMBbi Wants 
Ha ueneBOM 3/ieMeHTe. Ho BaM He HywHO peAa ktm poBaTb ueneBoPi 
aneMeHT Ann Ao6aB/ieHMfl HOBbix 33BMCMM0CTeM, Bbi TaKwe MOweTe 
C03AaTb CMMBO/lbHyK) CCbl/lKy, yKa3blBaK)LUyK) 33BMCMMblM 3/ieMeHT B 

AMpeKTopMM /etc/systemd/system/target-name .target.wants/. I/I bto 
KaK pa3 nsnnejcn mmchho TeM, hto Ae/iaeT systemctl enable 
foo. service. KorAa Bbi BK/nonaeTe cnyw6y, Bbi roBopMTe systemd 
Ao6aBMTb 33BMCMM0CTb ot ue/iePi, yKa3aHHbix b 3anMCM WantedBy 
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pa3Aena [Install] c^ai/ma cny>Ke6Horo 3/ieMeHTa. \A Hao6opoT, 
systemctl disable foo. service c6pacbiBaeT Ty >Ke ci/iMBO/ibHyK) ccbmKy 
M, C/ieAOBaTe/lbHO, 3aBMCMMOCTb. 

KOMaHAbl BK/lK)HeHl/m M BblK/lKDHeHMfl HMHerO He MeHflKDT B OTHOLUeHMM 
TeKymero coctoahma c/iy>K 6 . Ohh B/ii/mK)T TO/ibKO Ha to, hto 
npon30MAeT np m cneAyKDmei/i 3arpy3Ke. Ecrm Bbi xoTi/ue HeMeA-neHHO 
3anycTMTb c/iy>K 6 y, Bbi AO/i>KHbi BbinonHMTb KOMaHAy systemctl start 
foo. service, I/I Hao 6 opoT, Bbi MO>KeTe ocraHOBi/iTb ee c noMombK) 
KOMaHAbl systemctl stop foo. service. Bbi TaK>Ke MO>KeTe npoBepi/iTb 
TeKymuPi CTaTyc c/iy>K 6 bi, i/icno/ib3yfl KOMaHAy systemctl status 
foo. service, KOTopaa oneHb KCTaTi/i BK/nonaeT b ce 6 a noc/ieAHne 
CTpoKM conyTCTByiomero >KypHa/ia. noc/ie i/i3MeHeHi/m KOHcJmry pa 141 /m 
c/iy>K 6 bi Bbi MO>KeTe nepe3arpy3MTb 1 / 1 /m nepe3anycn/iTb ee: btm 
onepaum/i Bbino/iHflKnxfl c noMombK) with systemctl reload foo. service 
h systemctl restart foo. service cooTBeTCTBeHHO. 


# systemctl status postgresql 

# postgresql.service - PostgreSQL RDBMS 

Loaded: loaded (/lib/systemd/system/postgresql.service; disabled; vendor preset: 

** disabled) 

Active: inactive (dead) 

# Is -al /etc/systemd/system/multi-user.target.wants/postgresql.service 

Is: cannot access '/etc/systemd/system/multi-user.target.wants/postgresql.service': No 
»» such file or directory 

# systemctl enable postgresql 

[---] 

# Is -al /etc/systemd/system/multi-user.target.wants/postgresql.service 

Irwxrwxrwx 1 root root 38 Apr 21 16:21 /etc/systemd/system/multi-user.target.wants/ 

*» postgresql.service -> /lib/systemd/system/postgresql.service 

# systemctl status postgresql 

# postgresql.service - PostgreSQL RDBMS 

Loaded: loaded (/lib/systemd/system/postgresql.service; enabled; vendor preset: 
disabled) 

Active: inactive (dead) 

# systemctl start postgresql 

# systemctl status postgresql 

# postgresql.service - PostgreSQL RDBMS 

Loaded: loaded (/lib/systemd/system/postgresql.service; enabled; vendor preset: 
disabled) 

Active: active (exited) since Thu 2016-04-21 16:22:29 EDT; 2s ago 
Process: 6355 ExecStart=/bin/true (code=exited, status=0/SUCCESS) 

Main PID: 6355 (code=exited, status=0/SUCCESS) 

Apr 21 16:22:29 kali-rolling systemd[l]: Starting PostgreSQL RDBMS... 

Apr 21 16:22:29 kali-rolling systemd[l]: Started PostgreSOL RDBMS. 


5.5 noABeAeM morn 

B 3tom rnaBe Mbi y3Ha/m, KaK HacTpoHTb Kali Linux. Mbi Hacrpoi/i/m 
napaMeTpbi ceTi/i, noroBopi/i/m o no.nb30BaTe.rmx h rpynnax h 
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o 6 cy am/im, KaK co3flaBaTb h M3MeHATb yneTHbie 3anncn 
nonb30BaTe/iePi, ycraHaB/iMBaTb napo/iM, OTK/iKDnaTb yneTHbie 3anncn 
m ynpaB/iflTb rpynnaMM. HaKOHeu, Mbi 3aTpoHy/iM TeMy o c/iy>K 6 ax n 
obtacHM/iM, KaK HacTpanBaTb n noAAep>KMBaTb o 6 mne c/iy>K 6 bi, b 
nacTHOCTM SSH, PostgreSQL m Apache. 

OCHOBHbie MOMeHTbi: 

• npn o 6 bNHoPi ycTaHOBKe nepe3 nHTepcj^ePic pa 6 onero cro/ia y Bac 
y>Ke ycTaHOBJieH NetworkManager, n ero mo>kho KOHTpo/iMpoBaTb m 
H acTpanBaTb nepe 3 ueHTp ynpaB/iem/m GNOME, a TaK>Ke c 
noMombK) MeHK), HaxoAflLueroca b npaBOM BepxHeM ymy; 

• Bbl MO>KeTe HaCTpOUTb CeTb C nOMOLUbK) KOMaHAHOM ctpokh c 
noMombK) MHCTpyMeHTOB ifup h ifdown, KOTopbie nepnaKDT cbom 
nHCTpyKUMM H 3 /etc/network/interfaces c^ai/ma KOHcj^MrypauMM. 
flawe 6 onee HOBbiPi nHCTpyMeHT systemd-networkd pa 6 oTaeT c 
MHnuMMpyKDinePi cMCTeMOM systemd; 

• no yMonnaHHK) 6a3a aam-ibix no.nb30BaTe.neM m rpynn Unix coctout 
H3 TeKCTOBbix c^aM/iOB /etc/passwd (cnucoK no/ib30BaTe/iePi), 
/etc/shadow (3ai±iMc|3poBaHHbie napo/iM no/ib30BaTe/iePi), 
/etc/group (cnucoK rpynn), and /etc/gshadow (3ai±iMc|)poBaHHbie 
naponn rpynn); 

• Bbi MOweTe ncno/ib30BaTb KOMaHAy getent, HTo 6 bi 03HaK0MMTbca c 
nonb30BaTe/ibCKoPi 6a3oPi aam-ibix m flpyrnMn cMcreMHbiMM 6a3aMM 
flaHHbix; 

• KoMaHfla adduser 3aflaeT HecKO/ibKO BonpocoB nepeA co3AaHneM 
yneTHoPi 3anncn, ho ABrmeTCfl np^MbiM cnoco 6 oM co3AaHi/m hobom 
yneTHoPi 3anncn no.nb30BaTe.nfl; 

• HecKO/ibKO KOMaHA MoryT 6 biTb ncno/ib30BaHbi p,r\9\ M3MeHeHMfl 
HeKOTopbix 06 /iacTePi b no/ib30BaTe/ibCKOM 6a3e AaHHbix: passwd 
(n 3 MeHMTb napo/ib), chfn (n 3 MeHHTb no/iHoe mma h none GECOS, 
m/im o 6 mee MHcj^opMauMOHHoe none), chsh (n3MeHHTb 060 /iOHKy 
BxoAa), chage (n3MeHMTb «B03pacT» napo/ifl), h passwd -e 
nonb30BdTenb (3acTaB/ifleT no/ib30BaTe/ifl MeHATb cbom napo/ib npM 
c/ieAyK)meM bxoas b cMcreMy); 

• Ka>KAbiPi no/ib30BaTenb MO>KeT 6 biTb nneHOM oahom m/im HecKO/ibKMx 
rpynn. fl/ifl M 3 MeHeHMA MASHTMcf)MKaTopa rpynnbi mo>kho 
M cno/ib30BaTb HecKO/ibKO KOMaHA: newgrp M3MeHfleT TeKymMM 
MASHTMcf)MKaTop rpynnbi, sg Bbino/iHfleT KOMaHAy, Mcno/ib3yfl 
npeAOCTaBneHHyK) a/ibTepHaTMBHyK) rpynny, setgid bit MO>KeT 6 biTb 
noMemeH b AMpeKTopMK), 3acTaB/iflfl ctoaM/ibi, co3AaHHbie b btom 
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KaTa/iore, aBTOMaTi/inecKi/i npi/maA-newaTb k hy>khom rpynne. KpoMe 
Toro, KOMaHfla id OTo6pa>KaeT TeKymee cocTOAHne no/ib30BaTe/ifl, 
BKnKDHaa cnncoK H/ieHOB cBoePi rpynnbi; 

• Bbi MOweTe BpyHHyK) 3anycTMTb SSH c noMombK) systemctl start 
ssh I/I/1M BK/IKDHMTb erO Ha nOCTOAHHOM OCHOBe C nOMOLUbK) 
systemctl enable ssh. KoHc|3nrypai4Mfl no yMO/iHaHmo OTK/iKDHaeT 
napo/iM A-n^ ayTeHTncf)MKaunn no.nb30BaTe.rm root, hto 03HanaeT, 
HTO Bbl AO/l>KHbl CHana/ia HaCTpOHTb SSH-K/IKDHM C nOMOLUbK) ssh- 
keygen; 

• PostgreSQL - 3to cepBep 6a3bi AaHHbix. Oh peAKO 6biBaeT no/ie3eH 
caM no ce6e, ho ncno/ib3yeTCfl mhothmm apythmm c/iy>K6aMi/i A-rm 
xpaHeHi/m AaHHbix; 

• 06bNHaa ycTaHOBKa Kali Linux BK/iionaeT b ce6a Be6-cepBep 
Apache, npeAOCTaB/meMbii/i naiceTOM apache2. EyAyni/i ceTeBoPi 
c/iy>K6oPi, oh no yMO/inaHHK) OTK/iioneH. Bbi MO>KeTe BpyHHyio 
3anycTMTb ero c noMombK) systemctl start apache2; 

• I/Icxoaa H3 HacTpoeK no yMonnaHmo, Apache npoc/iyuiHBaeT nopT 
80 (KaK HacTpoeHO b /etc/apache2/ports.conf) h no yMO/inaHi/iK) 
ncno/ib3yeT cTpaHi/iubi H3 AnpeKTopm/i /var/www/html/ (KaK 
yKa3aHO b /etc/apache2/sites-enabled/000-default.conf). 

Tenepb, KorAa Mbi paccMOTpenn ocHOBbi Linux h o6cyAn/in c BaMi/i 
ycTaHOBKy h HacrpoPiKy Kali Linux, AaBaPiTe KOCHeMca Bonpoca, KaK 
ycTpaHMTb npo6neMbi, KOTopbie MoryT B03HMKHyTb bo BpeMA 
ncnonb30BaHHjq Kali h Hayni/iM Bac HeKOTopbiM HHCTpyMeHTaM h 
TpKDKaM A-n^ toto, HTo6bi Bbi Momi/i co3AaBaTb pe3epBHbie Konm/i h 
6ecnpenflTCTBeHHO 3anycKaTb ci/icreMy b c/iynae B03HMKH0BeHHfl 
k3khx jim6o npo6/ieM. 


149 



HacTb 6: no/iyneHMe noMomi/i 

Coflep>KaHMe: 

6.1 Mctohhhkm AOKyMeHTauMH 

6.2 Coo6mecTBa Kali Linux 

6.3 OopMupoBai-me xopomero OTneTa 06 OLui/i6Ke 

6.4 noABeAeM i/iToru 

K/ifoneBbie c/iOBa maBbi: 

• floKyMeiHTaui/m; 

• OopyMbi; 

• KaHan IRC; 

• OTneT 06 OLuu6Ke; 
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He3aBncnM0 ot toto, cKO/ibKO neT onbua y Bac ecTb, HeT coMHeHMM 
b tom, hto paHO min no3AHO Bbi cTO/iKHeTecb c npo6/ieMOi/i. Pemaa 
B03HMKLuyK) npo6/ieMy, nepBoe, hto Heo6xoAMMO CAenaTb - bto 
oco3HaTb ee cyTb, a 3aTeM ncno/ib30BaTb pa3/iMHHbie pecypcbi A-na 
noMCKa penieHHfl m/im pa6oTbi. 

B 3tom r/iaBe Mbi paccMOTpi/iM pa 3 /ii/iHHbie AOCTynHbie mctohhmkm 
MHcj^opMauMM h o6cyAMM /lyHiime cTpaTerm/i noMCKa Heo6xoAMMOM 
BaM nOMOLUH MAM peLUeHMfl npo6AeMbl, C KOTOpOM Bbl MO>KeTe 
CTO/lKHyTbCfl. Mbl T 3 K>Ke n 03 HaK 0 MMM BaC C HeKOTOpbIMM 
AOCTynHbiMM pecypcaMM Coo6mecTBa Kali Linux, BK/nonafl Be6- 
c(3opyMbi m cucTeMy rpynnoBbix AMCKycci/m b MHTepHeTe (Internet 
Relay Chat (IRC)). HaKOHeq, Mbi no3HaKOMMM Bac c t3kmm 
noHfiTMeM? KaK othct 06 OLun6Kax, u noKa>KeM BaM, KaK 
ucnoAb 30 BaTb cncTeMbi perucTpaunu olum6ok A-na ycrpaHeHMfl 
HenoAaAOK n pa 3 pa 6 oTKM cTpaTeruu, KOTopbie noMoryT BaM co 3 AaTb 
C06CTBeHHblM OTHeT 06 OLUM6KaX, HT06bl MO>KHO 6bl/10 6blCTpO M 
acfx^eKTMBHO o6pa6aTbiBaTb HeAOKyMeHTMpoBaHHbie npo6/ieMbi. 


6.1 Mctohhmkm flOKy/vieHTau^MM 


npe>KAe neM Bbi CMO>KeTe noHATb, hto nponcxoAMT Ha caMOM Ae-ne, 
KorAa y Bac B03HMKaeT npo6/ieMa, BaM Heo6xoAMMO oco3HaTb 
TeopeTMnecKyK) po/ib, KOTopyK) MrpaeT Ka>KAa?i M3 nporpaMM, 
BOBAeneHHbix b 3Ty npo6/ieMy. Oahmm m 3 caMbix /lynuiMx cnoco6oB 
CAenaTb 3 to flBrmeTCfl npocMOTp AOKyMeHTauMM nporpaMMbi. flaBaPiTe 
HanHeM Hame o6cy>KAeHMe c toto MecTa, rAe Bbi tohho cMO>KeTe h3mtm 
A aHHyio AOKyMeHTauMK), t.k. OHa name Bcero AB/iaeTCfl pa36pocaHHoPi 
no pa3HbiM MecTaM. 

KaK M36e>KaTb RTFM OTBeTOB 

flaHHa 9\ a66peBnaTypa paouMc^poBbiBaeTCfl KaK «npoHTM AO/i6aHHyK) 
MHCTpyKUMK)» ("read the f***ing manual,"), OAHaKO, OHa TaK>Ke 
MO>KeT 6biTb pacLUMcj^poBaHa b 6o/iee ApywecTBeHHoPi MaHepe 
«npoHMTaPfre TOHHoe pyKOBOACTBO» ("read the fine manual."). 3Ta 
c(3pa3a MHorAa Mcno/ib3yeTCfl b (KpaTKMx) OTBeTax Ha Bonpocbi 
HOBMHKOB. 5e3yC/10BH0, 3T0 flBJlfleTCfl AOBOJlbHO pe3KMM, M Bbl3blBaeT 
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onpeAe/iem-ioe pa3Apa>KeHMe M3-3a toto, hto Bonpoc, 3aAaeTca TeM, 
kto Aa>Ke He yAOcywM/icfl npoHMTaTb ocHOBHyK) AOKyMeHTauMio. 
HeicoTopbie roBop^T, hto btot K/iaccMnecKMPi otbct /lynwe, neM 
BOo6me HMKaKoro OTBeTa, nocKO/ibKy bto xota 6bi HaMeicaeT, hto 
OTBeT ne>KMT B AOKyMeHTaUMM. 

KorAa Bbi 3aAaeTe noAo6Hbie Bonpocbi, He o6fl3aTe/ibHO npMHMMaTb 
6/im3ko k cepAUy c/iynaMHbie OTBeTbi RTFM, ho Bbi AO/i>KHbi cAe/iaTb 
Bee B03M0>KH0e, HT06bl XOTfl 6bl nOKa3aTb, HTO Bbi nOTpaTM/lM BpeMa 
Ha M3yneHne TeMbi, npe>KAe neM ny6/inKOBaTb Bonpoc; yKa>KMTe 
MCTOHHMKM, C KOTOpbIMM Bbi y>Ke 03HaK0MM.TIMCb, M OnMCbIBaMTe 

pa3/iMHHbie niarn, KOTopbie Bbi /imhho npoAe/ia/iM b npoqecce noMCKa 
MHCjDOpMaUMM. 3T0, 6e3yC/10BH0, 33MMeT MHOTO BpeMeHM, HO TeM He 
MeHee noKaweT, hto Bbi He neHMBbi m AePicTBMTe/ibHO npMK/iaAbiBaeTe 
onpeAe/ieHHbie ycM/iMA {\nn noi/icica 3HaHMPi. C/ieAyfl peKOMeHAauMAM 
3pnKa PaPiMOHAa, Bbi cMO>KeTe n36e>KaTb Han6o/iee 
pacnpocrpaHeHHbix olum6ok m no/iyHMTb AePicTBMTe/ibHO no/ie3Hbie 
OTBeTbi. 

http://catb.org/~esr/faqs/smart-questions.htiril 


6.1.1 CTpaHMLi,bi pyKOBOACTBa 

CTpaHMUbi pyKOBOACTBa, HecMOTpa Ha onpeAe/ieHHyK) c>KaTOCTb b 
cmne, coAep>KaT AePicTBMTe/ibHO Heo6xoAHMyK) m none 3 HyK) 
MHcj^opMaMMK). Ann Toro HTo6bi npocMOTpeTb crpaHMuy pyKOBOACTBa, 
npocTO BBeAHTe man manual-page. CrpaHMua pyKOBOACTBa ( manual- 
page ) o6biHHO coBnaAaeT c MMeHeM KOMaHAbi. HanpMMep, f\nn toto, 
HT06bl y 3 HaTb 60/lbllie 0 B 03 M 0 >KHblX OnUMfIX KOMaHAbi CP, BaM Hy>KHO 
6yAeT BBecTM man cp b KOMaHAHoPi cTpoKe. 

Man CTpaHMUbi - 3 to He TO/ibKO AOKyMeHTbi nporpaMM, AOCTynHbie M3 
KOMaHAHOPi CTpOKM, HO T3K>Ke C^aPl/lbl KOHC^MrypaUMM, CMCTeMHbie 
Bbl30Bbl, Cj^yHKUMM 6M6/lMOTeKM C M T. A- MHOTAa MMeHa MoryT 
BCTynaTb b npoTMBopenMfl. 

HanpMMep, KOMaHAa htchma o6o/iohkm MMeeT to >Ke caMoe Ha3BaHMe, 
HTO M KOMaHAa CMCTeMHOrO Bbl30Ba HTeHMfl. 1/lMeHHO nOBTOMy 
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CTpaHMUbi pyKOBOACTBa opraHH30BaHbi b c/ieAyK)mne 
npoHyMepoBam-ibie pa3Ae/ibi: 

1. KoMaHAbi, KOTopbie MoryT 6biTb Bbino/iHeHbi M3 KOMaHAHoPi 
CTpOKl/i; 

2. CkicTeMHbie Bbi30Bbi (cfjyHKui/in, npeAOCTaBJieHHbie aapom); 

3. cDyHKunM 6n6/inoTeKM (npeAOCTaB/iem-ibie ci/icTeMHbiMM 
6n6nnoTeKaMM); 

4. YcTpoPicTBa (Ha Unix noAo6Hbix ci/icreMax, bto o6bNHO 
oco6eHHbie c|3aPi.nbi, KOTopbie name Bcero xpaHjrrcfl b /dev/ 
AnpeKTopnn); 

5 . cDaPmbi KOHC^kirypauHM (cf)opMaTbi h yc/iOBHbie o6o3HaHeHMfl); 

6. l/lrpbi; 

7. Ha6opbi MaKpocoB m cTaHAapTOB; 

8 . KOMaHAbl aAMMHMCTpHpOBaHHjq CHCTeMbi; 

9. noAnporpaMMbi napa. 

Bbi MO>KeTe yKa3aTb pa3Aen CTpaHMUbi pyKOBOACTBa, KOTopyK) Bbi 
rnueTe: A-rm toto, HTo6bi npocMOTpeTb AOKyMeHTaumo A-na CHCTeMHoro 
Bbi30Ba HTeHi/m, BaM Heo6xoAHMO 6yAeT BBecm man 2 read. Ec/im hh 
oahh pa3Aen He yi<a3aH abho, nepBbiPi pa3Aen, KOTopbiPi HMeeT 
cTpaHkiuy pyKOBOACTBa c 3anponieHHbiM HMeHeM, 6yAeT OTo6pa>KeH. 
TaKHM o6pa30M, KOMaHAa man shadow BbiAacT Ha BbiBOAe shadow(5), 
noTOMy hto He cymecTByeT CTpaHMUbi pyKOBOACTBa A-na shadow b 
pa3Ae/iax 1-4. 

5e3yc/iOBHO, ec/ii/i Bbi He 3HaeTe Ha3BaHne KOMaHA, pyKOBOACTBO 
6yAeT He oneHb none3HO A-rm sac. BBeAHTe KOMaHAy apropos, KOTopaa 
rnueT CTpaHMUbi pyKOBOACTBa (n/ii/1 6o/iee KOHKpeTHO mx KpaTKoe 
om/icaHi/ie) A-n^ Jito6bix K/iioneBbix c/iob, KOTopbie Bbi yKa3a/in. 3aTeM 
KOMaHAa apropos bhboaht cnncoK cTpaHMu pyKOBOACTBa, b HbHx 
CBOAKax ynoMHHaiOTCJi 3anponieHHbie K/noneBbie c/iOBa Hapaay c 
OAHOCTpOHHbIMM CBOAKaMH H3 CTpaHMU pyKOBOACTBa. Ec/1M Bbi 
noAo6pann K/noneBbie c/iOBa AO/i>KHbiM o6pa30M, to Bbi 6e3 npo6/ieM 
HaPiAeTe mma KOMaHAbl, KOTopaa Bac HHTepecyeT. 

ripnMep 6.1 IIomck cp c no mo m bto apropos 


153 



$ apropos "copy file" 

cp U) 
cpio (1) 
gvfs-copy (1) 
gvfs-move (1) 
hcopy (1) 
install (1) 
ntfscp (8) 


- copy files and directories 

- copy files to and from archives 

- Copy files 

- Copy files 

- copy files from or to an HFS volume 

- copy files and set attributes 

- copy file to an NTFS volume. 


npocMOTp AOKyMeHTautMM no c/ienyioiiiMM ccbmxaM 

Ha MHomx crpaHi/iuax pyKOBOACTBa ecTb pa3Ae/i «Cm. TaK>xe» ("See 
Also"), 06 bNH 0 pflAOM C AOKyMeHTOM, KOTOpbIM CCbl/iaeTCfl Ha APyrMe 
CnpaBOHHbie CTpaHMUbl, OTHOCflLAHeCfl K aHa/lOrMHHbIM KOMaHAaM, M/1M 
>xe Ha a/ibTepHaTHBHyK) BHeniHfOK) AOKyMeHTaunio. Bbi MO>KeTe 
MCn0/lb30BaTb 3T0T pa3Ae/l, HT 06 bl HaMTH COOTBeTCTByK>myK) 
AOKyMeHTaqi/iK), Aawe ec/in nepBbin Bbi6op He npeAOCTaBi/m BaM 
Heo6xOAHMOM MHCjDOpMaUHM. 

B Aono/iHeHMe k man, Bbi Taioxe MO>KeTe ncno/ib 30 BaTb konqueror (b 
KDE) m yelp (b GNOME) A-na noncKa man CTpaHi/114. 


6.1.2 /JoKyMeHTau.Mfl b c|)opMaTe info 

llpoeKT GNU noAroTOBi/m pyKOBOACTBa A-rm 60/1 bin i/mcTBa cbohx 
nporpaMM b nHcf)opMai4noHHOM cf)opMaTe; noaTOMy MHorne cTpaHkiqbi 
pyKOBOACTBa ccbmaKDTca Ha cooTBeTCTByromyK) info AOKyMeHTaunio. 
3 tot cj^opMaT AaeT HeKOTopbie npenMymecTBa, ho nporpaMMa no 
yMonnaHHK) A-rm npocMOTpa btmx AOKyMeHTOB (TaK>Ke Ha3biBaeMaa 
info) flBrmeTCfl 6o/iee c/io>khom. Mbi peKOMeHAysM BaM ncno/ib30BaTb 
BMecTO Hee pinfo (m 3 naKeTa pinfo). f\r\9\ ee ycraHOBKn npocTO 
3anycTMTe apt update, a 3aTeM apt install pinfo (cm. pa3Aen 8. 2.2.2, 
«YcTaHOBKa naKeTOB c APT» [cTp. 177]). 

flOKyMeHTaumR info nMeeT i/iepapxi/NecKyK) cTpyKTypy, m ec/in Bbi 
Bbi3biBaeTe pinfo 6e3 yKa3aHi/m napaMeTpoB, to OHa OTo6pa3HT 
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cni/icoK y3/iOB, AOcrynHbix Ha nepBOM ypoBHe. 06biHHO y3/ibi hocjrt 
MM eHa COOTBeTCTByKDLUMX KOMaHfl. 

Bbi MO>KeTe ncno/ib30BaTb K/iaBni±in co crpe/iKaMn Ann nepeMemeHi/m 
Me>KAy y3/iaMn. KpoMe toto, Bbi Tai<>Ke MOweTe ncno/ib30BaTb 
rpacjDMHecKMM 6pay3ep (KOTopbin HaMHoro yAo6Hee), HanpnMep, 
konqueror n/in yelp. 

Hto KacaeTca A3biKOBoro nepeBOAa, cncreMa info BcerAa 
npeAOCTaBnaeTca Ha aHmm/icKOM h He iioaxoaht A-na KaKoro-/in6o 
nepeBOAa, b OT/innne ot cncreMbi cTpaHi/iubi pyKOBOACTBa (man 
page). OAHaico, KorAa Bbi nonpoci/rre nporpaMMy pinfo OTo6pa3HTb 
HecymecTByiomyK) info crpaHi/iuy, OHa BepHeTca Ha crpaHnuy 
pyKOBOACTBa c TeM >xe MMeHeM (ecrm oho cymecTByeT), KOTopoe 

MO>KeT 6 biTb nepeBeAeHO. 


6.1.3 llaKeTHafl AOKy/N/ieHTau.Mfl 

Ka>KAbm naKeT BK/nonaeT b ce6a cbokd co6cTBeHHyK) AOKyMeHTaumo, 
h Aa>xe Hai/iMeHee AOKyMeHTnpoBaHHbie nporpaMMbi o6biHHO 
coAep>KaT c|3ai/i.n README, coAepwamni/i HeKOTopyio nHTepecHyio 
n/n/in Ba>KHyK) nHcf)opMaunK). 3Ta AOKyMeHTauna ycTaHOB/ieHa b 
AnpeKTopnn /usr/share/doc/package/ (rAe package npeACTaBrmeT 
uma naKeTa). Ec/in AOKyMeHTaqi/m oco6eHHO Be/inKa, OHa He MO>KeT 
6biTb BK/iKDneHa b ochobhom naKeT nporpaMMbi, ho mokct 6biTb 
pa3rpy>KeHa b BbiAe/ieHHbin naKeT, KOTopbin o6bNHO Ha3biBaeTca 
package- doc. Ochobhom naKeT o6biHHO peKOMeHAyeT naKeT 
AOKyMeHTaqHM, HTo6bi Bbi Mor/iM zierKO HanTn ero. 

flnpeKTopi/m /usr/share/doc/ package/ o TaK>Ke coacp>kht HeKOTopbie 
c^an/ibi, npeAOCTaBneHHbie Debian, KOTopbie Aono/iHflKrr 
AOKyMeHTauMK) nyTeM yKa3aHi/m oco6eHHOCTen naKeTa n/in ero 
y/iyHLueHi/m no cpaBHeHi/no c TpaAHUnoHHon ycraHOBKon 
nporpaMMHoro o6ecneHeHi/m. Oan/i README.Debian Ta K>Ke 
o6o3HanaeT Bee B03M0>KHbie aAanTaunn, KOTopbie 6bmn cAe/iaHbi Ann 
Toro, HTo6bi cooTBeTCTBOBaTb no/iMTMKe Debian. OaPm 
changelog.Debian.gz no3BO/iaeT no/ib30BaTe/iK) c/ieAHTb 3a 
M3MeHeHi/mMi/i, BHeceHHbiMM b naKeT c TeneHi/ieM BpeMem/i; oneHb 
b3>kho nonbiTaTbejR noHATb, hto n3MeHi/mocb Me>KAy AsyMA 
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ycTaHOB/ieHHbiMn Bepci/mMi/i, KOTopbie He o6/iaflaK)T OAMHaKOBbiM 
noBeASHMeM. I/I HaKOHeu, MHorAa ecTb c^aPi/i NEWS.Debian.gz, 
KOTopbM AOKyMeHTMpyeT ocHOBHbie M3MeHeHMjR b nporpaMMe, 
KOTopbie MoryT HenocpeACTBeHHO KacaTbca aAMMHMcrpaTopa. 


6.1.4 Be6caMTbi 

Bo mhotmx c/iynajRx Bbi MOweTe BcrpeTMTb caPiTbi, KOTopbie 
ncnonb3yK)TCfi A-rm pacnpocrpaHeHMA 6ecnnaTHbix nporpaMM m 
oSteAHHeHi/m coo6mecTBa pa3pa6oTHMKOB m no/ib30BaTe/iePi. 3tm 
CaPiTbi, KaK npaBH/10, HanO/lHflK)TCfl COOTBeTCTByiOLASM MHCjDOpMaUMeM 
b pa3/iMHHbix cj^opMax, TaxoPi Kax oc^MUMa/ibHaa AOKyMeHTauMfi, Macro 
3aAaBaeMbie Bonpocbi (FAQ) m apxMBbi ciimckob paccbi/iKM. B 
6o/ibLUMHCTBe c/iynaeB, FAQ m/im apxMBbi cnMCKOB paccbi/iKM 
paCCMaTpHB3K)T npo6/ieMbl, C KOTOpbIMM Bbl MOMM CTO/1 KHyTbCJR. rip M 
nOMCKe HH(f)OpMai4MH B 1/lHTepHeTe OHeHb Ba>KHO M3yHMTb CMHTaKCMC 
noMCKa. Oahh no/ie3HbiPi coBeT: nonpo6yPiTe orpaHMHMTb noMCK 
KOHKpeTHbiM AOMeHOM, HanpMMep, nocBfimeHHbiM nporpaMMe, b 
KOTopoPi y Bac m bo3hmk/im npo6/ieMbi. Ec/im noMCK BbiAaiOT BaM 
C/1MLUKOM MHOTO CTpaHMU M/IM eC/lM pe3y/lbTaTbl He COOTBeTCTByKDT 
TOMy, hto Bbi MCKa/iM, Bbi MO>KeTe Ao6aBHTb TaKi/ie K/uoneBbie c/iOBa 
KaK kali m/im debian Ann orpaHMneHMfl pe3y/ibTaTOB cooTBeTCTBeHHoPi 
qe/ieBoPi MHcjDopMauHM. 


Ot npo6/ieMbi k peuieHnio 

Ec/im nporpaMMHoe o6ecneneHMe BbiAaeT oneHb cneuMcj^MnecKoe 
coo6meHMe 06 oniM6Ke, BBeAMTe ero (bto coo6meHMe) b homckobmk 
(Me>KAy AByMa KaBbiHKaMM, A-na o 6 o 3 HaHeHM 5 i uMTaTbi Ann toto, HTo6bi 
HanaTb noMCK no KOHKpeTHoPi <£pa 3 e, a He no OTAe/ibHbiM K/noneBbiM 
c/iOBaM). B 6o/ibLUMHCTBe c/iynaeB, nepBbie ccbi/iKM 6yAyT coAepwaTb 
OTBeT, KOTOpblPi BaM Hy>KeH. 

B ApyrMx c/iyHaflx, Bbi no/iynMTe oneHb o6i±iMe olum6km, BpoAe 
"Permission denied". B TaKoPi cMTyaqMM, /lyniue Bcero npoBepMTb 
pa3peilieHM51 COOTBeTCTByiOLUMX 3/ieMeHTOB (c|3aPi/iOB, 

no/ib30BaTe/ibCKMx ID, rpynn m t.a.). BKpaTqe, He ctomt 
Bbipa6aTblBaTb npMBblHKy nOCTOflHHOrO MCn0/lb30BaHM51 nOMCKOBMKOB, 
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Ann noMCKa peiueHMjR npo6neMbi, nHane Bbi pncKyeTe 3a6biTb o tom, 
HTO TaKOe MCn0J1b30BaTb 3ApaBblPi CMblC/1. 


Ecni/i Bbi He 3HaeTe aApec Be6-caPiTa nporpaMMHoro o6ecneHeHi/m, 
cymecTByKDT pa3/iMHHbie cnoco6bi ero onpeAeneHi/m. CHana/ia 
HaPiAHTe none «flOMai±iHnn cTpaHnua» b MeTai/mc|3opMai4nn naiceTa 
(apt show package). KpoMe Toro, onncaHne naKeTa MO>KeT coAepwaTb 
ccbinicy Ha ocjDnunanbHbin cam nporpaMMbi. Ecrm URL-aApec He 
yKa3aH, b conpoBO>KAaK)meM (Rapine naKeTa MO>KeT coAepwaTbcn URL- 
aApec b c^aPine /usr/share/doc/package/copyright. HaKOHeu, Bbi 
MO>KeTe ncnonb30BaTb noi/icKOByio ci/icreMy (Hanpi/iMep, Google, 
DuckDuckGo, Yahoo n t. /}.), HTo6bi h3mtm Be6-canT nporpaMMHoro 
o6ecneHeHkm. 


6.1.5 Kali A.OKyMeHTau.nn Ha docs.kali.org 

llpoeKT Kali coAep>KHT c6ophmk none3Hon AOKyMeHTaqi/in no aApecy 
http://docs.kali.org. Xota 3Ta KHi/ira oxBaTbiBaeT 3HannTenbHyK) 
nacTb Toro, hto Bbi Aon>KHbi 3HaTb o Kali Linux, AOKyMeHTaunn Ha 
A3HH0M caPiTe MO>KeT 6biTb none3Hon, nocKonbKy OHa coasp>kmt 
nomaroBbie i/mcTpyKui/m (bo MHoroM noxo>KMe Ha npaKTi/NecKi/ie 
pyKOBOACTBa) KacaTenbHO mhothxtcm. http://docs.kali.org/ 

flaBanTe paccMOTpi/iM pa3nnHHbie TeMbi, 3aTparnBaeMbie TaM: 

• Hanano pa6oTbi: cepi/m nHCTpyKU,i/ii/i, BKmoHan MHCTpyKqnK) no 
3arpy3Ke, A-rm Tex, kto He 3H3kom c Kali; 

• Kali Linux Live: AOKyMeHTapnn, onncbiBaK>man ncnonb30BaHne Kali 
Linux b KanecTBe >kmbom ci/icreMbi (live system); 

• YcTaHOBKa Kali Linux: pa3ni/iHHbie AOKyMeHTbi, onMCbiBaiomne 
ycTaHOBKy Kali Linux, b tom Hi/icne, KaK ycraHOBMTb ee HapHAy c 
ApyrHMM onepauHOHHbiMM cncreMaMH; 

• Kali Linux Ha ARM: MHori/ie peqenTbi o 3anycKe Kali Linux Ha 
pa3nnHHbix ycTpoPiCTBax Ha 6a3e ARM; 

• l/lcnonb30BaHne Kali Linux: MHoroHi/icneHHbie npaKTi/inecKne 
noco6i/m, 3aTparnBaK)mne mhokcctbo pacnpocrpaHeHHbix 
BonpocoB; 

• HacTpoPiKa Kali Linux: i/mcTpyKui/m A-rm CMenbnaKOB, KOTopbie 
nio6nT nepecTpaMBaTb Kali cornacHO cbomm co6cTBeHHbiM 
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Tpe 6 oBam/iflM m npeAnoHTem/iJiM; 

• noAAep>KKa coo6mecTBa Kali: yKa 3 aTe/in Ha pa 3 /ii/iHHbie 
coo6mecTBa, rAe Bbi MO>KeTe no/iyni/iTb noAAepwxy m no/iynuTb 
noApo6Hoe pastacHeHi/ie OTHOCMTe/ibHO Toro, KaK OTnpaBrmTb 
OTneTbi 06 OLun6Kax; 

• no/iMTMKa Kali Linux: oStacHeHi/m Toro, hto AenaeT Kali Linux 
oco6eHHbiM no cpaBHeHmo c ApyrHMM AncTpn6yTMBaMM Linux; 

• Kali Linux AOA3e: bmaso Black Hat m DEF CON ceMi/mapoB. 


6.2 Coo6u^ecTBa Kali Linux 

CymecTByeT AOBO/ibHO MHoro coo6mecTB Kali Linux no BceMy MHpy, 
KOTOpbie B CBOK) OHepeAb MCnOnb3yK)T MHO>KeCTBO pa3/lMHHblX 
MHCTpyMeHTOB A-rm o6MeHa coo6meHi/mMi/i (Hanpi/mep, c^opyMbi 1/1 
counanbHbie ceTi/i). B btom pa3Aene Mbi npeACTaBi/iM TO/ibKO Asa 
ocjDMUHa/ibHbix coo6mecTBa Kali Linux. 


6.2.1 Be6-4>opyMbi Ha forums.kali.org 

Ocj^HUMa/ibHbie c|3opyMbi coo6mecTBa npoeKTa Kali Linux 
pacnono>KeHbi Ha forums.kali.org 1 . Kax m Ha /ik)6om Be6-c|3opyMe, Bbi 
Aon>KHbi co3AaTb yneTHyio 3anncb, HTo6bi HanaTb OTnpaB/iflTb 
coo6meHi/m, m cMCTeMa cpa3y 3anoMi/maeT, xaxi/ie coo6meHi/m Bbi y>xe 
BHAe/iM, hto no3BO/iaeT zierxo c/ieAHTb 3a o6meHneM Ha pery/iapHOi/i 
OCHOBe. 

llepeA TeM xax HanaTb o6meHne, BaM Heo6xoAHMO 03HaxoMHTbca c 
npaBHnaMM ct^opyMa: 

http://docs.kali.org/communitv/kali-linux-communitv-forums 

Mbi He 6yAeM xonnpoBaTb 3Aecb Becb nepeneHb npaBi/m, ho ctomt 
OTMeTMTb, HTO BaM He pa3pei±iaeTCfl rOBOpMTb 0 He3aK0HHblX 
AePicTBi/mx, Ta kmx xax npoHi/ixHOBeHi/ie b ny>xi/ie ce™. Bbi Aon>xHbi 
yBa>xaTb ApyrHx H/ieHOB coo6mecTBa, HTo6bi noAAsp>KMBaTb 
npHBeT/iHBoe o6meHne. Pex/iaMa 3anpemeHa, m c/ieAyeT n36eraTb 
o6cy>KAeHMM BHe TeMbi. CymecTByeT AOCTaTOHHO pa3/iMHHoro poAa 
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KaTeropm/i, HTo6bi oxBaTi/iTb Bee, hto Bbi xoTe/ii/i 6bi o6cyAHTb o Kali 
Linux. 


6.2.2 #kali-linux IRC KaHa/i Ha Freenode 

IRC ABrmeTCfl naT-ci/icTeMOi/i pea/ibHoro BpeMeHH. 06cy>KAeHMfl 
npoMcxoA^T b naTax, KOTopbie Ha3biBaiOTCfl KaHanaMM 1/1 o6biHHO 
cocpeAOToneHbi BOKpyr onpeAe/ieHHOM TeMbi i/ijim coo6mecTBa. 
llpoeKT Kali Linux ncno/ib3yeT KaHa/i # kali- linux b ceTi/i Freenode 19 
20 (Bbi MO>KeTe ncnonb30BaTb chat.freenode.net b KanecTBe IRC- 
cepBepa Ha nopTy 6667 A-rm TLS-niMc^poBaHHoro coeAHHeHi/m m/im 
nopT 6666 f\r\9\ OTKpbuoro TexcTOBoro coeAHHeHi/m). 

HT06bl npMCOeAHHMTbCfl K 06cy>KAeHMflM B IRC, Bbi AO/l>KHbl 
ncnonb30BaTb IRC-K/ii/ieHT, Taxon KaK hexchat (b rpacjm/inecKOM 
pe>KMMe) mjim irssi (b KOHco/ibHOM pe>KMMe). CymecTByeT TaK>Ke Be6- 
K/ii/ieHT, AOCTynHbiPi Ha webchat.freenode.net 21 . 

HecMOTpa Ha to, hto AOBO/ibHO t3km npocTO npi/icoeAHHHTbCfl k 
06cy>KAeHHK), Bbi AO/l>KHbl 3HaTb, HTO KaHa/lbl IRC HMeiOT CBOM 
co6cTBeHHbie npaBi/ma i/i hto ecTb onepaTopbi KaHa/iOB (i/ix Hi/iKHeMM 
HMeeT npecf)MKc @), KOTopbie MoryT HaKa3biBaTb no/ib30BaTe/iei/i 3a 
HeBbino/iHeHi/ie npaBi/m: ohi/i MoryT npi/myAMTe/ibHO OTcoeAHHMTb Bac 
ot KaHa/ia (m/im Aawe 3a6aHMTb Bac b tom c/iynae, ecrm Bbi 
HacTOMHMBO m npi/iHui/mi/ia/ibHO 0TKa3biBaeTecb Bbino/iHATb npaBH/ia). 
KaHa/i #kali-linux He nBnnejcn i/icK/noneHi/ieM. Bee npaBi/ma 
npMBeAeHbi 3Aecb: 

http://docs.kali.org/connnnunitv/kali-linux-irc- channel 

llOABOAfl HTOT npaBM/iaM! Bbi AO/l>KHbl 6blTb APy>Ke/lK)6HblMM, 
TepnMMbiMM v\ pa3yMHbiMn. Bbi AO/i>KHbi M36eraTb o6cy>KAeHi/m BHe 
TeMbi. B nacTHOCTM, 3anpemeHbi AHcxyccMH o He3aK0HH0M 
AefiTe/ibHOCTM, TaKoPi xax: KpaAeHoe nporpaMMHoe o6ecneneHne, 
pa3MemaeMoe Ha xaicepcici/ix caMTax/B3/iOMbi/ nnpaTCKoe 
nporpaMMHoe o6ecneneHne, Tai<>Ke 3anpemeHbi nio6bie o6cy>KAeHi/m 


19 http://foru ms. kali.org 
20 http://www.f reenode.net 
21 http://webchat.freenode.net 
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o no/iMTMKe n pe/inmax. 1/lMePiTe b BMAy, hto Bam IP-aApec 6yAeT 
AOCTyneH ApyrnM no.nb30BaTe.rmM. 

Ec/in Bbi xoTMTe o6paTMTbc?i 3a noMombK), c/ieAytiTe peKOMeHAaun?iM, 
npMBeASHHbiM b pa3Ae.ne «Kax M36e>KaTb otbctob RTFM» [cTp. 124]: 
CHana/ia AeTa/ibHO nccneAytiTe Bonpoc caMOCTOfiTe/ibHO n 3aTeM 
noAe/iMTecb pe3y/ibTaTaMM. KorAa Bac nonpoc^T npeAOCTaBMTb 
Aono/iHMTe/ibHyK) MHcJoopMaMMK), nowa/iyPicTa, npeAOCTaBbTe ee tohho 
(ecm/i Bbi AO/i>KHbi npeAOCTaBMTb Hecxo/ibKO noApo6Hbix pe3y/ibTaTOB, 
He BCTaBn^MTe mx HenocpeACTBeHHO b KaHan, a Mcno/ib3yPiTe c/iy>K6y, 
HanpMMep, Pastebin 22 , m OTnpaB/mPiTe TO/ibKO URL-aApec Pastebin. 

He o>KMAaMTe HeMeA-neHHoro OTBeTa. HecMOTpa Ha to, hto IRC 
AB/ifleTCfl njiaTcJoopMoPi cba3m b pea/ibHOM BpeMeHM, ynacmMKM 
perMCTpMpyKDTCfi co Bcero MMpa, noaTOMy nacoBbie no?ica m rpacJoMKM 
pa6oTbi pa3/iMHaK)TCfl. fl/m OTBeTa Ha Bam Bonpoc MO>KeT 
noTpe6oBaTbca Hecxo/ibKO MMHyT m/im nacoB. OAHaKO, KorAa Apyrne 
BK/iK)HaK)T Bam hmk b OTBeT, Bam hmk 6yAeT noACBeneH, m b 
6o/ibLUMHCTBe c/iynaeB k/imcht IRC yBeAOMMT Bac, no3TOMy ocTaBbTe 
K/iMeHT noAK/iKDneHHbiM m Ha6epMTecb TepneHMa. 


6.3 noAana rpaiwomo cociaB/ieHHoro omeia 06 OLUM6«e 

Ec/im Bee BamM nonbiTKM pa3pemMTb npo 6 /ieMy yBeHHa/iMCb 
HeyAanePi, to Bnorme Bepo^THO, hto npo 6 neMa cB?i3aHa c olum6kom 
( 6 aroM) b caMOM nporpaMMe. B ashhom c/iynae npo 6 neMy mo>kho 
AeTa/ibHO M3/io>KMTb b OTHeTe 06 omM 6 Ke. Bbi MO>KeTe npoAO/i>KMTb 
noMCK OTneTOB 06 omM 6 Ke, KOTopbie MAOHTMHHbi BamePi, ho AaBaPiTe 
Bee >xe paccMOTpMM caMy npoueAypy cocTaB/ieHMA OTneTa 06 omM 6 Ke 
m npeAOCTaBneHMjR ero Kali, Debian, m/im HanpaMyio pa3pa6oTHMKaM, 
T3KMM 06pa30M, HT 06 bl Bbi OKOHHaTe/lbHO nOHfl/lM, KaK MMeHHO 
cneAyeT cocraB/rnTb Bam co 6 cTBeHHbie othct 06 oi±iM 6 Ke. 

Ue/ibK) OTneTa 06 omM6Ke AB/meTCfl npeAOcraB/ieHMe aoct3tohhom 
MHcj^opMauMM A-n^ toto, HTo6bi pa 3 pa 6 oTHMKM m/im cneuMa/iMCTbi no 
BKcn/iyaTauMM (npeAnonoKMTe/ibHo) HencnpaBHoPi nporpaMMbi Momn 
BOcnpoM 3 BecTM npo6neMy, OT/iaAHTb ee noBeAeHne m pa 3 pa 6 oTaTb 
McnpaB/ieHMe omM6KM. 3to 03 HanaeT, hto Bam othct 06 omM6Ke 


22 http://pastebin.com 
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AOJl>KeH COAepwaTb COOTBeTCTByiOLUyK) HHC|30pMaUHK) H AO/l>KeH 6blTb 
HanpaB/ieH k npaBH/ibHOMy ne/iOBeKy h/ih KOMaHAe npoeKTa. Othct 
Tai<>Ke Aon>KeH 6biTb xopomo HanncaHHbiM h TmaTe/ibHbiM, hto b cbokd 
onepeAb o6ecnenMT 6o/iee 6bicTpbiH otbct. 

ToHHaa npoueAypa Ann OTneTa 06 OLun6Ke 6yAeT pa3/iMHaTbCfl b 

3aBMCMMOCTM OT TOTO, KOMy MMeHHO Bbl 6yAeTe OTnpaBJIfITb OTHeT 
(Kali, Debian, h/im Hanp^Myio pa3pa6oTHHKaM), ho ecTb HeKOTopbie 
o6mne peKOMeHAauMM, npnMeHHMbie ko BceM c/iynaaM. B btom maBe 

Mbi o6cyAHM 3 tm peKOMeHAaqMH. 


6.3.1 06uj,Me peKOMeHAau.nn 

flaBaHTe o6cyAHM o6i±iHe peKOMeHAauHH h ocHOBHbie npHHunnbi, 
KOTopbie noMoryT BaM cocTaBHTb h noAaTb othct 06 oniH6Ke, KOTopbin 
6yAeT noHATHbiM, Bceo6'beMnK)mHM h yBe/iHHHT niaHCbi Toro, hto 
oniH6Ka 6yAeT ycTpaHeHa pa3pa6oTHHKaMH cBoeBpeMeHHO. 

KaK o 6 pamaTbC 5 R 


CocTaB/mMTe Bam OTneT MCK/iiOHMTe/ibHO Ha aHr/iMMCKOM. 

Coo6mecTBO CBo6oAHoro nporpaMMHoro o6ecneHeHMfl (The Free 
Software community) flBrmeTCfl Me>KAyHapoAHbiM, h, ec/in Bbi He 
3HaeTe cBoero co6eceAHHKa, Bbi AO/i>KHbi Hcno/ib30BaTb npocTon 
aHT/lHHCKHH. EC/1H Bbl ABJlfleTeCb HOCHTe/ieM aHrnHHCKOrO A3blKa, 
Hcnonb3yHTe npocTbie npeA-noweHHA h H36eraHTe KOHCTpyKUHH, 
KOTopbie MoryT Bbi3BaTb c/io>khocth b noHHMaHHH Ann /noAen c 
orpaHHneHHbiMH HaBbiKaMH aHr/iHHCKoro 33biKa. HecMOTpa Ha to, hto 
6o/ibLUHHCTBO pa3pa6oTHHKOB oneHb HHTenneKTya/ibHbi, He Bee H3 
HHX 06 /iaAaK)T CH/lbHblMH HaBbiKaMH aHTflHHCKOrO A3blKa. TaK HTO 
AaBaPiTe nocrapaeMCfl, HTo6bi /ik)6oh coTpyAHHK mot c nerKOCTbio 
noHATb cyTb coAep>KHMoro. 

OTHOCMTeCb C yB 3 >KeHMeM K pa 60 Te pa 3 pa 60 THMK 0 B 

lloMHHTe, hto 6o/ibiiiHHCTBO pa3pa6oTHH kob Free Software (BK/nonafl 
Tex, kto ctoht 3a Kali Linux) Ao6po>Ke/iaTe/ibHbi h TpaTAT cBoe 
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orpaHMHeHHoe CBo6oflHoe BpeMA Ha pa6oTy c nporpaMMHbiM 
o6ecneHeHneM, KOTopoe Bbi cbo 6 oaho Mcno/ib 3 yeTe. MHorne Ae/iaK)T 
3 to H 3 a/ibTpyn 3 Ma. TaKMM o 6 pa 30 M, Kor^a Bbi OTnpaBJiaeTe othct 06 
onin6Ke, 6yAbTe noHTMTe/ibHbi (Aawe ec/iM npo6/ieMa BbirrmAHT KaK 
oneBMAHaa OLun6Ka pa 3 pa 6 oTHMKa) m He ctomt AyMaTb, hto ohm 
AO/i>KHbi BaM HeMeA-neHHO McnpaBMTb oniM6Ky. ByAbTe 6/iaroAapHbiMM 
3a mx BK/iaA- 

Ec/im Bbi 3HaeTe, KaK MOAncNunpoBaTb ^ nepeKOMnM/iMpoBaTb 
nporpaMMHoe o6ecneHeHMe, npeA/io>KMTe noMOHb pa3pa6oTHMKaM b 
TecTMpoBaHMM ziK)6bix naTHePi, KOTopbie ohm npeACTaB/ifliOT BaM. 3to 
nOKa>KeT MM, HTO Bbi TO>Ke rOTOBbl MHBeCTMpOBaTb CBOe BpeM3. 

ByAbTe aKTMBHbIMM M TOTOBblMM npeflOCTaBMTb 
AOnO/1HMTe/1bHyiO MHCfjOpMaMMIO 

B HeKOTopbix c/iyHaflx, pa3pa6oTHMK MO>KeT o6paTMTbCfl k BaM c 
npocb6oM npeAOCTaBMTb 6o/ibi±iee KO/iMnecTBO MHcf>opMauMM, m/im 
BO cco3AaTb npo6neMy Mcno/ib3yfl ApyrMe BapMaHTbi m/im 
o6HOB/ieHHbie naKeTbi. Bbi AO/i>KHbi nocTapaTbca OTBenaTb Ha 
noAo6Hbie 3anpocbi KaK mo>kho 6biCTpee. HeM 6bicTpee Bbi OTBeTMTe 
Ha noAo6Horo poAa 3anpoc, TeM Bbime niaHCbi Ha to, hto 
pa3pa6oTHMKM cMoryT pa3peniMTb npo6/ieMy 6bicTpo, noKa 
nepBMHHbie AaHHbie eiue cBe>KM. 

XOTfl Bbi AO/l>KHbl CTpeMMTbCjq 6blCTpO peaTMpOBaTb, Bbi T3K>Ke He 
Aon>KHbi nepecnyp ToponMTbCfl: npeACTaB/ieHHbie AaHHbie AO/i>KHbi 
6blTb npaBM/lbHblMM M AO/l>KHbl COAep>KaTb Bee, HTO 3anpOCM/lM 
pa3pa6oTHMKM. Ohm 6yAyT oneHb pa3AOcaAOBaHbi, ec/iM mm 
noTpe6yeTCA o6pamaTbca k BaM 3a neM-TO bo BTopoPi pa3. 

Hto Heo6xoAHMO yKa3biBaTb b OTneTe 06 oniM6Ke 


llOAP06Hbie MHCTpyKMMM O TOM, K3KMM 06pa30M MO>KHO 
BOcco3flaTb npo6/ieMy 

HT 06 bl MMeTb B03M0>KH0CTb BOCIipOM3BeCTM npo6/ieMy, pa3pa60THMKM 
AO/l>KHbl 3HaTb, HTO Bbi MCnO/lb3yeTe, K3KMM o6pa30M Bbi ee 
no/iyHM/iM, m KaK Bbi ee ycraHOBM/iM. 
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Bbi AO/i>KHbi npeAOCTaBMTb TOHHbie, nomaroBbie mncTpyicui/in, 
onncbiBaK)Lune, KaK BOcnpon 3 BecTn npo6neMy. Ec/ii/i BaM Hy>KHO 
ncnonb 30 BaTb HeKOTopbie AaHHbie Ana BOcnpon 3 BeAeHna npo6neMbi, 
npMKpenMTe cooTBeTCTByiomHPi cj^aPin k OTneTy 06 onin6Ke. 
nonbiTaPiTecb npnAyMaTb MHHHManbHbiPi Ha6op HHCTpyKunPi, 
Heo6xoAHMbix f\r\ 9 \ BOcnpoH 3 BeAeHHa oi±ih6kh. 

ripeflocTaBbTe Heo6xoflHMbiM kohtckct m yicawiiTe cbom 
o>KMflaHna 

06 "bacHHTe, hto Bbi nbiTanncb cAenaTb h kokhm o 6 pa 30 M Bbi o>KHAanH, 
hto nporpaMMa 6yAeT BecTH ce6a. 

B HeKOTopbix cnynaax onin6Ka cpa6aTbiBaeT TonbKO noTOMy, hto Bbi 
ncnonb 30 Bann nporpaMMy f\r\ 9 \ BbinonHeHna Tex 3 aAan, KaKne OHa He 
npeAHa 3 HaneHa BbinonHaTb. OStacHaa, aero Bbi nbrranncb AOCTHHb, 
Bbi no 3 BonaeTe pa 3 pa 6 oTHHKaM acHO noHHMaTb TaK bto nnn HeT. 

B HeKOTopbix ApyrHx cnynaax noBeAeHHe, KOTopoe Bbi onncbiBaeTe 
KaK omn6Ky, Ha caMOM Aene MO>KeT 6biTb HopManbHbiM noBeAeHneM 
nporpaMMbi. nocrapaPiTecb n 3 naraTb cboh Mbicnn MaKCHManbHO acHO, 
KorAa 6yAeTe onncbiBaTb to, hto Bbi o>KHAanH ot nporpaMMbi. 3 to 
npoacHMT CMTyapHK) Ann pa 3 pa 60 THHK 0 B. Ohh MoryT nn6o HcnpaBHTb 
noBeAeHHe nporpaMMbi, nn6o ynyauiHTb AOKyMeHTaMmo, ho, no 
KpaPmePi Mepe, ohh 6 yAyT 3HaTb, hto noBeAeHHe hx nporpaMMbi 
3 anyTbiBaeT HeKOTopbix nonb 30 BaTenePi! 

ByflbTe MaKCMMa/IbHO KOHKpeTHbIMM 

BKniOHHTe HOMepa BepcnPi nporpaMMHoro o6ecneneHna, KOTopoe Bbi 
ncnonb 3 yeTe h, no bo3mo>khocth, yKa>KHTe HOMepa BepcnPi hx 
3 aBHCHMOCTen. KorAa Bbi ccbinaeTecb Ha hto-to, hto Bbi cKanann, 
yKa>KHTe ero nonHbin URL-aApec. 

KorAa Bbi nonyHHTe coo6meHHe 06 oniH6Ke, yKa>KHTe ero tohho b 
T aKOM BHAe, b KaKOM Bbi ero nonyHHnn. Ecnn bo 3 mo>kho, BKniOHHTe 
KonnK) BbiBOAa Ha 3 KpaHe nnn chhmok BKpaHa. BKniOHHTe Konnio 
nio6oro cooTBeTCTByiomero dpawna >KypHana, OAHaKO 
npeAaapHTenbHO y6eAHTecb, hto Bbi yAannnn Bee 
KOHct)HAeHUHanbHbie AaHHbie. 
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YnoMMHaHMe B03M0>KHbix BapnanroB McnpaB/ieHMM mjim 
o6xoflHbix peuieHHM 

nepefl noAanePi OTneTa 06 onin6Ke Bbi, BeponTHO, nonbiTani/icb 
pemuTb npo6neMy. OStncHHTe, hto Bbi npo6oBann, n xaxue 
pe3ynbTaTbi Bbi nonyHnnn. ByflbTe npeAenbHO ncHbi b tom, hto Bbi 
peanbHO nbrrani/icb oae/iaTb h hto nBnneTcn Bcero numb rnnoTe3oPi c 
BamePi cTopoHbi. 

Ecm/i Bbi BbinonHnnn nHTepHeT noncK 1/1 Haxoflunn KaKoro-nn6o poAa 
pa3"bncHeHnn KacaTenbHO BamePi npo6neMbi, Bbi MOweTe yxa3aTb 3 to, 
oco6eHHO ecrm Bbi Hamnn noxo>KnPi othct 06 oi±in6Ke b Debian 
Tpexepe. 

Ecnn Bbi HarnnM cnoco6 AOCTM>KeHMn wenaeMoro pe3ynbTaTa 6e3 
Bbi3biBaHnn oi±ii/i6ki/i, no>KanyPicTa, 3aAOKyMeHTnpyPiTe bto. 3 to 
noMO>KeT ApyrMM nonb30BaTennM, KOTopbie nocTpaAann ot oahoPI h 
T oPi >xe npo6neMbi. 

fl/uiHHbie oTHeTbi 06 oujn6Kax fiB/imoTCB Bno/iHe 
HOpMa/IbHbIM BB/ieHMeM 

OTneT 06 omn6Ke c AByMn crpoicaMH nBnneTcn HeAOCTaTOHHbiM; A-rm 
o6ecneHeHnn BcePi Heo6xoAHMoPi i/mctDopMaum/i o6biHHO Tpe6yeTcn 
HecKonbKO a63aueB (i/mn nHorAa CTpam/iu) TeiccTa. 

llpeAOCTaBbTe boo i/mcjDopMauMK), KOTopyio Bbi MO>xeTe. llocTapaPiTecb 
npnAep>KMBaTbcn Toro, hto MMeeT 3HaneHi/ie, ho ecm/i Bbi He yBepeHbi, 
to noMHMTe, hto cnmiiKOM mhoto nynme, neM cnnmKOM Mano. 

Eonn Bam othct 06 omn6Kax AePicTBHTenbHO A-nnHHbiPi, HaPiAHTe 
BpeMn, HTo6bi cTpyKTypnpoBaTb ero coAep>KHMoe h npeACTaBMTb 
xpaTKoe pe 3 K)Me b Hanane. 

Pa3nnHHbie coBeTbi 


M36eraMTe noflanM Ay6nnpOBaHHbix othctob 06 oujn6Kax 
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B Mi/ipe cBo6oflHoro nporpaMMHoro o6ecneHeHHJi Bee TpeKepbi 
oluh6ok 9 \ Br \ 9 \\ OTC 9 ] o6meAOCTynHbiMn. OTKpbiTbie npo6/ieMbi mo>kho 
npocMOTpeTb, n y hhx Aawe ecTb cfiyHKUHJi noncica. TaKHM o 6 pa 30 M, 
nepeA noAanen hoboto OTneTa 06 onin6Ke nonbiTanTecb onpeAe/inTb, 
6bma /in Bama npo6/ieMa ywe coo6meHa kcm-to ApyrnM. 

Ec/in Bbi o6Hapy>KHTe cymecTByiOLUnfi othct 06 OLun6Kax, 
noAnmiiMTecb Ha Hero n, bo3mo>kho, Ao6aBbTe Aono/iHHTe/ibHyio 
HHcj^opMauMK). He ny6/inKyMTe KOMMeHTapnn, Taicne KaK TO>Ke» 
n/in «+l»; ohh He HMeKDT HHKaKoro cMbic/ia. Ho Bbi MO>KeTe yi<a3aTb, 
HTO Bbi TOTOBbl K Aa/lbHeHLUHM HCnbITaHHJIM, eC/lM HCXOAHblH 
3aflBHTe/ib 3Toro He npeA-nara/i. 

Ec/ih Bbi He Haw/in OTneTa o cBoen npo 6 /ieMe, to MO>KeTe cMe/io 
nepexoAHTb k perncTpaunn. Ec/in Bbi Haumn cBJi3aHHbie c Banien 
npo 6 /ieMon CBHASTe/ibCTBa, o6fl3aTe/ibHO yKa>KHTe nx. 

06 H 3 aTe/ibHO y 6 eflMTecb b tom, hto Bbi ucno/ib 3 yeTe 
noc/ieflHioio Bepcnio 

Pa3pa6oTHHKOB oneHb cn/ibHO 3anyTbiBaK)T OTneTbi 06 onin 6 Kax 
OTHOcnTe/ibHO npo 6 /ieM, KOTopbie ohh y>Ke penin/in, n/in npo 6 /ieM, 
KOTopbie ohh He MoryT BOcnpoH3BecTH c Hcno/ib30BaHHeM Bepcnn, 
KOTOpyK) OHH Ha AaHHblH MOMeHT HCnO/lb3yK)T (pa3pa60THHKH nOHTH 
BcerAa Hcno/ib3yK)T noc/ieAmoio Bepcnio cBoero npoAyKTa). flawe 
KorAa cTapbie Bepcnn noAAsp>KHBaK)TCJi pa3pa6oTHHKaMH, Taicaji 
noAAep>KKa nacro orpaHHHHBaeTCJi ncnpaB/ieHHJiMH b 06 /iacTH 
6e3onacHOCTH n/in 6 o/iee cepbe3HbiMH npo 6 /ieMaMH. Bbi yBepeHbi, hto 
Bama OLun 6 Ka OAHa H3 hhx? 

Bot noneMy nepeA noAanen OTneTa 06 OLun6Ke Bbi AO/i>KHbi 
y6eAHTbCA, hto ncno/ib 3 yeTe noc/ieAmoio Bepcnio npo6/ieMHon 
cncTeMbi n/in npn/io>KeHn}i, n hto Bbi MO>KeTe BOcnpon 3 BecTn 
npo6/ieMy b c/iynae Heo6xoAHMOCTH. 

Ec/in Kali Linux He npeA-naraeT caMyio noc/ieAHioio Bepcnio 
npn/io>KeHHfl (hh b kali-rolling hh b kalibleeding-edge, cMOTpn pa 3 Ae/i 
8.1.3.3, "Peno3HTopnn Kali-Bleeding-Edge Repository" [cTp. 174]), y 
Bac ecTb a/ibTepHaTHBHoe pemeHne: Bbi MO>KeTe nonpo6oBaTb 
Bbino/iHHTb pyHHyio ycTaHOBKy noc/ieAHen Bepcnn Ha 0 AH 0 pa 30 B 0 n 
BnpTya/ibHon ManinHe, n/in Bbi MO>KeTe npocMOTpeTb bocxoa^luhm 
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ChangeLog (m/ii/i Git commit MCTopmo), HTo6bi yBi/iAeTb, hto He 6bmo 
HMK3KMX n3MeHeHMH, KOTopbie mot/im 6bi ycrpaHi/iTb npo6/ieMy, (m 
3aTeM Bbi MOweTe peri/icTpi/ipoBaTb OLui/i6Ky, He cmotpa Ha to, hto Bbi 
He npo6oBann nocneAHiOK) Bepcmo). 

He CMeiiiMBaMTe HecKO/ibKO npo 6 /ieM b oahom OTneTe 06 
oujkiGxe 

PerHCTpHpyPiTe oahh othct 06 oi±ii/i6Ke A-rm Ka>KAoPi OTAe/ibHoPi 
OLun6Ke. TaKMM o6pa30M, nocneAyKDLUne o6cy>KAeHi/m He craHOBATCfl 
c/imiiKOM 6ecnop?iAOHHbiMM, m Ka>KAafl OLun6Ka MO>KeT 6biTb 
McnpaB/ieHa b cooTBeTCTBHH c ee co6cTBeHHbiM oco6eHHOcmMi/i. Ecrm 
Bbi 3Toro He CAenaeTe, to /im6o OAHa m Ta >Ke OLun6Ka AO/i>KHa 6yAeT 
BMAOM3MeHflTbCfl MHO>KeCTBO pa3 M MO>KeT 6blTb 3aKpblTa TO/lbKO B TOM 
c/iynae, KorAa Bee olum6km 6yAyT ycTpaHeHbi, /11/160 pa3pa6oTHMKM 
AO/i>KHbi 6yAyT pemcTpi/ipoBaTb Aono/iHMTe/ibHbie OTneTbi, KOTopbie 
Heo6xoAHMO 6bmo CAenaTb BaM b nepByio onepeAb. 


6.3.2 perMCTpnpoBaTb OTHeT 06 oujn6Ke 

HT06bl MMeTb B 03 M 0 >KH 0 CTb peLUHTb, TAe 3 anHCaTb OTHeT 06 OLUH6Ke, 
Bbi AO/i>KHbi xopomo noHMMaTb npo6neMy, m Bbi AO/i>KHbi onpeAe/iMTb, 
b KaKoPi nacTH nporpaMMHoro o6ecneHeHi/m 3 aK.moHeHa npo6neMa. 

1/lAeanbHO, BaM Heo6xoAHMO OTc/ieAHTb npo6neMy np^MO ao 
KOHK peTHoro c^aPi/ia b BauiePi ci/icreMe, a 3aTeM Bbi MO>KeTe 
ncno/ib30BaTb dpkg A-rm Toro, HTo6bi onpeAe/ii/iTb icaicoPi naiceT 
BnaAeeT btm cj^aPmoM m KeM nocraB/ifleTCfl btot naKeT. flaBaPiTe 
npeAno.no>Ki/iM, hto Bbi Haumi/i OLun6Ky b rpa<t>i/iHecKOM npn/io>KeHm/i. 
Iloc/ie npocMOTpa cnnci<a 3anymeHHbix npoqeccoB (BbiBOA KOMaHAbi 
ps auxf), hto npn/io>KeHMe 6bmo 3anymeHO c i/icno/iHfleMbiM c^aPmoM 
/usr/bin/Sparta: 


$ dpkg -S /usr/bin/sparta 

sparta: /usr/bin/sparta 

$ dpkg -s sparta | grep ''Version: 

Version: 1.0.l+git20150729-0kalil 

Bbi y3HaeTe, hto /usr/bin/sparta npeAOCTaBrmeTCfl naKeTOM sparta, 
KOTopbiPi HaxoAHTca b Bepci/in 1.0.1+git 20150729-Okalil. Tot c^aicr, 


166 


hto cTpoKa BepcMM coflep>KMT kali, yKa3biBaeT Ha to, hto naKeT 
nocTaB.rmeTCfl Kali Linux (min 6bin M3MeHeH Kali Linux). /1k)6om naKeT, 
KOTopbiM He MMeeT kali b cBoePi cTpoKe BepcHM (mjim b hmchm naKeTa), 
nocTaBrmeTCfl Debian (Debian Testing BOo6me). 


ABOMHan npoeepKa nepefl TeM, KaK b n^ea/ie noflaTb 4>aMJit»i c 
OLun6KaMM b Debian 

E cn\A Bbi o6Hapy>KM/iM OLun6Ky b naKeTe, MMnopTi/ipoBaHHOM npfiMO M3 
Debian, oh AOJDKeH coo6maTbCjR m McnpaB/iflTbCfl co CTopoHbi Debian. 
OflHaKO, nepeA btmm y6eAHTecb, hto npo6/ieMa BOcnpon3BOAHMa b 
npocTOM cMCTeMe Debian, nocKO/ibKy Kali, bo 3 mo>kho, Bbi3Ba/ia 
npo6/ieMy, M3MeHMB Apyri/ie naKeTbi mjim 3aBMCMMOCTM. 

CaMbiM npocTOM cnoco6 CAe/iaTb bto - HacrpoMTb BMpTya/ibHyio 
ManiHHy, Ha kotopom 3anymeH Debian Testing. Bbi MO>KeTe homtm 
ycTaHOBOHHbiM o6pa3 ISO A-rm Debian Testing Ha Be6-caPiTe Debian 
Installer: 

https://www.debian.org/devel/debian-installer/ 

Ec/im Bbi MO>KeTe noATBepAHTb npo6/ieMy Ha Bi/ipTya/ibHoPi MauiMHe, 
Bbi MO>KeTe OTnpaBMTb OTneT 06 0Lun6Ke b Debian, Bbino/iHMB 
c|3yHKi4MK) OTneT 06 0Lun6Ke b Bi/ipTya/ibHoPi MauiMHe m cnenyn 
MHCTpyKUl/mM. 


BO/lbLUMHCTBO OTHeTOB 06 0LUM6KaX B OTHOLLieHMM nOBeAGHMfl 
npnno>KeHMM AO/i>KHbi 6biTb HanpaBneHbi HenocpeACTBeHHOM 
BnaAe/ibuaM 3 tmx npoeKTOB, KpoMe c/iynaeB, KorAa Bbi cra/iKMBaeTecb 
c npo6neMOM MHTerpaqMM: b btom c/iynae Heno/iaAKa AB/iaeTCfl 
olum 6 kom, Bbi3BaHH0M TeM, KaK nporpaMMHoe o6ecneneHne 
naKeTkipyeTCjR m MHTerpMpyeTca b Debian mjim Kali. 

HanpMMep, ec/iM npnno>KeHne npeA-naraeT napaMeTpbi BpeMeHM 
KOMnHnauHM, KOTopbie naKeT He pa3pemaeT mjim npM/io>KeHMe He 
pa6oTaeT M3-3a OTcyTCTByiomeM 6n6/inoTeKM (t 3 kmm o6pa30M, b 
pe3y/ibTaTe B03HHKaeT HeAOCTaiOLuafl 3aBMCMM0CTb b 
MeTanH(|)opMaunM naKeTa), Bbi MO>KeTe cmnKHyTbCfl c npo6/ieMOM 
HHTerpapHM. KorAa Bbi He 3HaeTe, c KaKoPi npo6/ieMoPi Bbi 
CTa/iKMBaeTecb, o6bNHO jiyHLue Bcero 3aperncTpnpoBaTb npo6/ieMy c 
o6enx cTopoH m nepeKpecTHO ccbmaTbCfl Ha Hee. 
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OnpeAenem/ie npoeKTa, k KOTopoMy othocmtc?i oi±in6Ka m Haxo>KAeHMe 
MecTa, KyAa mo>kho noAaTb/ 3 aperncTpnpoBaTb othct 06 oi±ii/i6Ke Ha 
caMOM Aene AOBO/ibHO nerKO. Bbi npocTO Aon>KHbi npocMOTpeTb 
Heo6xoAHMbiM caPiT, Ha KOTopbiPi ecTb ccbinKa b none «floManiHnn 
CTpaHnua» (Homepage) MeTaASHHbix naKeTi/ipoBaHi/m. 

$ dpkg -s sparta | grep ''Homepage: 

Homepage: https://github.com/SECFORCE/sparta 


6.3.3 KaK perncTpupoBaTb OTHeT 06 owi/i6Ke 
Co3A3HMe or u era 06 OLiin6Ke b Kali 

Kali ncnonb3yeT Be6-Tpei<ep oi±im 6 ok Ha http://bugs.kali.org/ . rAe Bbi 
MO>KeTe aHOHMMHO npoKOHcynbTMpoBaTbcn OTHOCMTenbHoro nK)6oro 
poAa OTneTax 06 oi±ii/i6Kax, ho ecrm Bbi xorme npoKOMMeHTi/ipoBaTb 
i/mi/i ony6nnKOBaTb HOBbiPi OTHeT 06 oi±in6Ke, BaM Hy>KHO 6yAeT 
3aperncTpnpoBaTb yneTHyio 3anncb. 

PerncTpai4nq yneTHOM 3armcn Ha 6ar Tpexepe 

flnn Hanana npocTO Ha>KMMTe Ha Co3/jaTb HOBbin aKKayHT (Signup for 
new account) Ha Be6-caPiTe 6ar TpeKepa, KaK noKa3aHO Ha pi/icyHKe 
6.1, "HananbHan cTpaHHua Kali 6ar TpeKepa" [cTp. 134]. 

KALI LINUK 

BUG TRACKER 

Anonymous | Logn | Signup for 4 new Account 2017-06-11 19:31 UTC 

j Unsigned (t • 10 / 665) 

iirMilit f(* a inrt crested by SCt wan Directory is co rrect 
M I* 1 Projects] Kali Package Bug • 2017-06-10 16 40 

«U 1 rata I croMarm or MU CL62 &Qf «32hL 
_ |AI Protects i General Big - 3017*06*10 11*06 

JOOaczS CtfiltootlisuiJSS 
_ i |AJ Projects jOene-ai tog- 3017-06-00 23:31 

OpvOoor sterna- 

_ $ |AS Pro feet* | Now Toot ftequeata - 2017-00-00 10 13 

'CO suorrtMon. getsptrt 

_ i IA J Prefects | New Toci Kequasts - 2017-00-00 14:42 

isreofTkoencc site* {not ftuedMPneHM6-pc-4«tM-gr«j.e<) 

_ i |AI Prefects | Kail Package Buq • 2017-00-00 03.31 

>0 >■ rmoom ertehi in e» eryday norm* user tasks 

IAl Prefects; Gena-4 Bug • 2017 06-00 17:40 

*»> : to*** Orgs 

. |AJ Projects] Kan Package Buq - 2017-06 04 22.19 

WPPkK ae^'Mcrvn* 

A | |A1 Projects] Gena«al Ojg - 2017 06 04 17:1S 

Vap* rrair after «MrPg tper rtr corrmersj 

_ 1A1 ftnalerf i «*■«■ >ftl T - OA-fl? » U 

PMcyHOK 6.1 Ha^a/ibHafj crpannua Kali 6ar TpeKepa 


Timeline 

2017-06-06 .. 2017 

Hypnuo ccmmentc 
Hypnuc comment# 

Joel commented on 

Joel commented on 
Joel creoted issue 
rhertzog comment 
rhertzog closed os 
rhertzog comment 
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3aTeM, yKa>KHTe i/ima no/ib30BaTe/ifl, e-mail aapec, n OTBeTbTe Ha 
3 anpoc CAPTCHA. fla/iee Ha>KMHTe Ha KHonKy Signup Arm 
npoAO/i>KeHH}q (PkicyHOK 6.2, «CTpaHHua perncTpaunn» [cTp. 134]). 

KALI LINUX 

BUG TRACKER 


Signup 

[ Login ] [ Lost your password? ] 

Username 

NewfiugSugmmer 

E-mail 

nbs^cmad com 

--- 


Enter the code as it is 
shown in the box on the 
right: 

On completion of this form and verification of your answers, you will be sent a confirmation 
message to the e-mail address you specified. 

Using the link provided m the e-mad, you will be able to activate your account. If you fad to do 
so within seven days, it may be purged. 

You must specify a valid e-mail address in order to receive the account confirmation e-mail. 

Signup 



PucynoK 6.2 CrpaHMLia perncrpauMM 
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Ecnn see npoLuno ycneinno, cne/iytouian crpaHMiia (PncynoK 6.3 , 
"CrpaHMua no/jTBep^/jeHMn periACTpapiAiA" [crp. 135]) coo6liimt bbm o 
tom, <ato periACTpauiAn Batuero aKKayt-tra npo/ionwaeTcn ia <-tro cm ere m a 
6ar rpeKepa ornpaBuna BaM rmcbMO /inn no/iTBep>K/ieHtin co3AantAn 
Bamen y-terHon 3anticH, Ha npe/iocTaBneHHbm aaMt/t paHee 
aneKTpoHHbiM a/ipec. BaM Hy>KHO 6yner nepenTH no ccbinKe, Koropan 
yKa3aHa b nonyneHHOM saMn nncbMe /inn toto, >-tTo6bi aKrtABuposaTb 
Bam aKKayHT. 

Kai< mnbKO Bam aKKayHT 6bm aKTHBHpoBaH, Ha>KMMTe Proceed, HTo6bi 
nepemn Ha crpaHi/iuy Bxofla b 6arTpeKep. 

KALI UNUK 

BUG TRACKER 


Account registration 
processed. 


Congratulations, you have registered successfully ! You are now 
being sent a confirmation e-mail to verify your e-mail address. 
Visiting the link sent to you in this e-mail will activate your account. 

You have seven days to complete the account confirmation process; 
if you fail to do so within this period, the newly-registered account 
may be purged. 


[ Proceed ] 

PucyHOK 6.3 CrpaHtALia no/iTBep>K/ieHHn perncTpautiH 

Co3flaHMe OTneTa 

HTo6bi HanaTb cbom othct, BoPiflMTe b cbokd yneTHyio 3anncb h 
H a>KMMTe Ha ccbmKy «Coo6mnTb o npo6/ieMe» (Report Issue) Ha 
ue/ieBoPi cTpaHi/iue. BaM 6yAeT npeACTaB/ieHa cJ^opMa c MHO>KecTBOM 
no/iePi Ann 3ano/iHeHHfl, KaK noKa3aHO Ha pkicyHKe 6.4, «OopMa Ann 
co3AaHna OTneTa 06 omn6Ke» [cTp. 136]. 
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PkicyHOK 6.4 OopMa Ann co3AaHnn OTneTa 06 oi±in6i<e 

Hnwe npMBeASHO KpaTKoe onncaHne Bcex nonen cj^opMbi: 

• KaTeropMA (o6$i3aTe/ibHO a /in 3anonHeHnq) 3to none 
onncbiBaeT KaTeropnK) oi±m6ku, KOTopon nocBmueiH OTneT. OTneTbi, 
KOTopbie OTHOcnTcn k KOHKpeTHOMy naiceTy, Aon>KHbi 6biTb 
3aperncTpnpoBaHbi b KaTeropnnx Kali Package Bug nnn Kali 
Package Improvement, flpyrne OTneTbi Aon>KHbi ncnonb30BaTb 
KaTeropnn General Bug nnn Feature Requests. OcTaBiunecn 
KaTeropnn npeAHa3HaneHbi A-na oco6bix cnynaeB: KaTeropnq Tool 
Upgrade MO>KeT 6biTb ncnonb30BaHa A-nfl toto, HTo6bi coo6mnTb 
pa3pa6oTHnKaM Kali o AOCTynHOCTn hoboPI Bepcnn nporpaMMHoro 
o6ecneHeHnn, naKeTnpoBaHHoro b Kali. KaTeropnn New Tool 
Requests MO>KeT 6biTb ncnonb30BaHa A-rm npeAno>KeHnq HOBbix 
nHCTpyMeHTOB Ann naKeTnpoBaHnn n nHTerpaunn b AHCTpn6yTnB 
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Kali. 


• Bocnpon3BOflMMOCTb - B 3tom none yKa3biBaeTcn, MO>KeT nv\ 
npo6/ieMa BOcnpoM3BOAHTbcn npeflCKa3yeMbiM o6pa30M, nnn OHa 
nocTOJiHHO B03HMKaeT c/iynaMHbiM o6pa30M. 

• CepbesHOCTb m npnopiiTeTHOCTb - 3tm nonn nynwe Bcero ocTaBHTb 
6e3 M3MeHeHnPi, nocKonbKy ohm npeAHa3HaneHbi maBHbiM o6pa30M 
Ann pa3pa60THMK0B. Ohm MoryT Mcnonb30BaTb mx A-ns coptmpobkm 
cnMcica npo6/ieM b cootb6tctbmm c cepbe3HOCTbK) npo6neMbi m 
npMOpMTeTOM, B COOTBeTCTBMM C KOTOpbIM OHa AO/l>KHa 
06 pa 6 aTbiBaTbCfl. 

• Bepena npoAYKTa - B stom none Aon>KHO 6biTb yKa3aHO, KaKyK) 
BepcMK) Kali Linux Bbi Mcnonb3yeTe (MnM xota 6bi Ty, KOTopan 
HaM6onee 6nM3Ka k tom, hto Bbi Mcnonb3yeTe). lloAyMaMTe ABa>KAbi, 
npe>KAe neM coo6maTb o npo6neMe b cTapoM BepcMM, KOTopan 6onbwe 
He noAAep>KMBaeTcn. 

• KpaTKoe coflepnoHne (o6n3aTe/ibHO flnm 3 ano/iHeHkm) - 3 to, 
no cyTM, nBnneTcn 3aronoBKOM Bamero OTneTa 06 oniM6Ke, m bto 
nepBoe, hto niOAH yBMA^T. Y6eAHTecb, hto oh nepeAaeT npMHMHy, no 
KOTopoPi Bbi OTnpaBnneTe othct. l/l36eraMTe o6mnx onMcaHMM, tokmx 
K aK «X He pa6oTaeT», m BMecTO stoto cTapaPiTecb cneAOBaTb 
nOA06HOM KOHCTpyKUMM «X C OI±IM6kOM Y npM ycnOBMM Z». 

• Onucanne (Description (o6n3aTe/ibHO ajih 3ano/iHeHMn)) - 3to 

Teno Bamero OTneTa. 3Aecb Bbi Aon>KHbi bbcctm boo MHcjDopMauMK), 
KOTopyio Bbi co6panM o npo6neMe, c kotopom Bbi cTonKHynMCb. He 
3a6biBaMTe Bee peKOMeHAauMM, npMBeAeHHbie b npeAbiAymeM 
pa3Aene. 

• fleMCTBHn no BOcnpoM3BeaeHMio (Steps to Reproduce) - B stom 
none nepenMcneHbi Bee noApo6Hbie MHCTpyKUMM, oStncHniOLUMe, 
k3kmm o6pa30M mo>kho Bbi3BaTb AaHHyio npo6neMy. 

• Aono/iHMTe/ibHan MHcjDopMam'm (Additional Information) - B 

3tom pa3Aene Bbi MO>KeTe npeAOCTaBMTb nK)6yio AononHMTenbHyio 
MHcj^opMaMMK), KOTopan, no BameMy mhchmio, MMeeT OTHomeHMe k 
npo6neMe. EcnM y Bac ecTb peKOMeHAauMM OTHOCMTenbHO toto, KaK 
McnpaBMTb MnM o6omtm npo6neMy, npeAOCTaBbTe mx b stom pa3Aene. 
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• 3arpy3MTb 4>afi/i (Upload File) - He Bee mo>kho 06 'bncHMTb npocTbiM 
TeKCTOM . B 3tom none Bbi MO>KeTe npMicpennnTb npon3BO/ibHbie c^aPi/ibi 
K CBOMM OTHeTaM: CKpMHLUOTbl, HT 06 bl nOKa3aTb OLUH 6 Ky, 06pa3Ubl 
AOKyMeHTOB, 3anycKaK)inne npo 6 neMy, cj^aPi/ibi >KypHa/iOB m t. a- 

• npocMOTpeTb CTaTyc (View Status) - OcTaBbTe bto none 
«o 6 meAOCTynHbiM» ("public"), HTo 6 bi KawAbiPi Mor BMAeTb Bam OTHeT 
06 omn 6 Ke. Mcnonb3yPiTe «KOHcf)MASHuuanbHO» («private») TonbKO 
Ann OTneTOB, cBA3aHHbix c 6e3onacHOCTbK), KOTopbie coAsp>KaT 
MHcj^opMauMK) o HepacKpbiTbix yn3BMMOCTnx 6e3onacHOCTM. 


Co 3 AaHMe OTHeTa 06 owM 6 Ke b Debian 

Debian ucnonb3yeT (b ochobhom) cMcreMy OTcne>KMBaHMn oi±im 6 ok Ha 
ocHOBe aneKTpoHHoPi noHTbi, M3BecTHyro KaK Debbugs. HTo6bi 
OTKpbiTb HOBbm OTHeT 06 oi±iM6Ke, Bbi OTnpaBHTe aneKTpoHHoe nucbMO 
(co cneunanbHbiM cMHTaKCMcoM) Ha aApec subrnit@bugs.debian.org. 
3to npMCBOMT HOMep omn6Ke XXXXXX m coo 6 laht BaM, hto Bbi MO>KeTe 
OTnpaBHTb AononHMTenbHyro HHC^opMaunro, OTnpaBMB XXX 
XXX@bugs.debian.org. Ka>KAan omn6Ka cBn3aHa c naiceTOM Debian. 
Bbi MOweTe npocMOTpeTb Bee oi±im 6 km ashhoto naxeTa (Bicnronan Ty 
OI±ll/l6Ky, 0 KOTOpOM Bbi XOTHTe C0CT3BMTb OTHeT) Ha 
https://bugs.debian.org/ package. Bbi MO>xeTe npoBepMTb mctopmkd 
AaHHoPi oi±im 6 km Ha crpaHMue https://bugs.debian.org/XXXXXX. 

HacTpaMBaeM Reportbug XoTn Bbi MO>KeTe coo6mnTb o hobom 
omn6Ke c noMombio npocroro aneKTpoHHoro nncbMa, Mbi 
pexoMeHAyeM Mcnonb30BaTb reportbug, noTOMy hto bto noMO>KeT BaM 
cocTaBMTb cepbe3HbiPi OTHeT 06 omM6Ke co Been Heo6xoAHMOM 
MH(f)opMai4MeM. B MAeane Bbi Aon>KHbi 3anycTMTb ero M3 cMCTeMbi 
Debian (HanpMMep, Ha BMpTyanbHOM MaiunHe, rAe Bbi BOcnpoM3BenM 
npo6neMy). 

llepBbiM 3anycK reportbug 3anycKaeT cqeHapMM KOHcj^MrypauMM. 
CHanana Bbi6epMTe ypoBeHb HaBbixa. Bbi Aon>KHbi Bbi6paTb HoBMHKa 
(Novice) MnM CTaHAapT (Standard); Mbi Mcnonb3yeM nocneAHMM, 
noTOMy hto oh npeAnaraeT 6onee AeTanbHbiM KOHTponb. 3aTeM 
Bbi6epMTe MHTepcf>eMC m BBeAHTe cbom nMHHbie AaHHbie. HaKOHeu, 
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Bbi6epnTe no/ib30BaTe/ibCKi/iPi MHTepcj^eMC. Ci4eHapnPi KOHc^nrypauHM 
no3BO/ii/iT BaM ncnonb30BaTb noKa/ibHbiPi areHT TpaHcnopTa noHTbi, 
SMTP-cepBep i/i/im, b KpaPmeM cnynae, SMTP-cepBep Debian. 


Welcome to reportbug! Since it looks like this is the first time you have 
used reportbug, we are configuring its behavior. These settings will be 
saved to the file "/root/.reportbugrc", which you will be free to edit 
further. 

Please choose the default operating mode for reportbug. 

1 novice Offer simple prompts, bypassing technical questions. 

2 standard Offer more extensive prompts, including asking about things 

that a moderately sophisticated user would be expected to 
know about Debian. 

3 advanced Like standard, but assumes you know a bit more about Debian, 

including "incoming". 

4 expert Bypass most handholding measures and preliminary triage 

routines. This mode should not be used by people unfamiliar 
with Debian's policies and operating procedures. 

Select mode: [novice] standard 

Please choose the default interface for reportbug. 

1 text A text-oriented console user interface 

2 gtk2 A graphical (GTK+) user interface. 

3 urwid A menu-based console user interface 
Select interface: text 

Will reportbug often have direct Internet access? (You should answer 
yes to this question unless you know what you are doing and plan to 
check whether duplicate reports have been filed via some other channel.) 

IY | n | q | ? J ? Y 

What real name should be used for sending bug reports? 

(root]> Raphael Hertzog 

Which of your email addresses should be used when sending bug reports? 
(Note that this address will be visible in the bug tracking system, so you 
may want to use a webmail address or another address with good spam 
filtering capabilities.) 

(root@localhost.localdomain]> buxy@kali.org 

Do you have a "mail transport agent" (MTA) like Exim, Postfix or SSMTP 
configured on this computer to send mail to the Internet? [y|N|q|?]? N 
Please enter the name of your SMTP host. Usually it's called something 
like "mail.example.org" or "smtp.example.org". If you need to use a 
different port than default, use the <host>:<port> alternative 
format. Just press ENTER if you don't have one or don't know, and so a 
Debian SMTP host will be used. 

> 

Please enter the name of your proxy server. It should only use this 
parameter if you are behind a firewall. The PROXY argument should be 
formatted as a valid HTTP URL, including (if necessary) a port number; for 
example, http://192.168.1.1:3128/. Just press ENTER if you don't have one 
or don't know. 

> 

Default preferences file written. To reconfigure, re-run reportbug with 
the "--configure" option. 
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l/lcno/ib30BaHMe Reportbug llocne 3aBepweHMfl ct>a3bi HacrpoMKH 
Bbi MO>KeTe HanaTb co3AaHne OTneTa 06 onin6Ke. BaM 6yAeT 
npeA/io>KeHO yKa3aTb mma naKeTa, xota Bbi TaK>Ke MO>KeTe yKa3aTb 
i/iMfl naKeTa HenocpeACTBemno b KOMaHAHoPi crpoKe c noMombK) 
reportbug package. 


Running ’reportbug' as root is probably insecure! Continue [y|N|q|?]7 y 
Please enter the name of the package in which you have found a problem, or 
type 'other' to report a more general problem. If you don't know what 
package the bug is in, please contact debian-user@lists.debian.org for 
assistance. 

> wireshark 


B OT/iMHi/ie ot peKOMeHAaunPi, npi/iBeAem-ibix Bbiuie, ecrm Bbi He 
3HaeTe, c k3khm naKeTOM c/ieAyeT noAaTb owi/i6Ky, Bbi AO/i>KHbi 
CBfl3aTbCfl c cf)opyMOM noAAep>KKM Kali (cm. Pa3Ae/i 6.2 « KaIi Linux 
coo6mecTBa» [cTp. 128]). Ha cneAyKDineM mare reportbug 3arpy>KaeT 
cnncoK oluh6ok, noAaHHbix c AaHHbiM naKeTOM, v\ sto b cbokd onepeAb 
no3BO/ifleT BaM y3HaTb, MO>KeTe /in Bbi HaPiTi/i b HeM cbokd omn6Ky. 


*** Welcome to reportbug. Use ? for help at prompts. *** 

Note: bug reports are publicly archived (including the email address of 
the submitter). 

Detected character set: UTF-8 
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Please change your locale if this is incorrect. 

Using '"Raphael Hertzog" <buxy@kali.org>' as your from address. 

Getting status for wireshark... 

Verifying package integrity... 

Checking for newer versions at madison... 

Will send report to Oebian (per lsb_release). 

Querying Debian BTS for reports on wireshark (source)... 

35 bug reports found: 

Bugs with severity important 

1) #478200 tshark: seems to ignore read filters when writing to_ 

2) #776206 mergecap: Fails to create output file > 2GB 

3) #780089 wireshark: "On gnome wireshark has not title bar. Does- 
Bugs with severity normal 

4) #151017 ethereal: "Protocol Hierarchy Statistics" give misleading- 

5) #275839 doesn’t correctly dissect ESMTP pipelining 

[...] 

35) #815122 wireshark: add OID 1.3.6.1.4.1.11129.2.4.2 
(24-35/35) Is the bug you found listed above (y|N|b|m|r|q|s|f|e|?]7 ? 
y - Problem already reported; optionally add extra information. 

N - (default) Problem not listed above; possibly check more, 
b - Open the complete bugs list in a web browser, 
m - Get more information about a bug (you can also enter a number 
without selecting "m" first), 
r - Redisplay the last bugs shown, 
q - I'm bored; quit please. 

s - Skip remaining problems; file a new report immediately, 
f - Filter bug list using a pattern, 
e - Open the report using an e-mail client. 

? - Display this help. 

(24-35/35) Is the bug you found listed above [y|N|b|m|r|q|s|f|e|?)7 n 
Maintainer for wireshark is 'Balint Reczey <balint@balintreczey.hu>'. 
Looking up dependencies of wireshark... 


Ec/im Bbi o6Hapy>KMnM, hto othct o BamePi OLun6i<e ywe noflaH, Bbi 
CMOweTe ompaBUTb Aono/iHHTe/ibHyK) i/mcf)opMaui/iK), i/mane BaM 
6yAeT npeA-noweiHO noAaTb HOBbiPi OTneT 06 onin6Ke: 


Briefly describe the problem (max. 100 characters allowed). This will be 
the bug email subject, so keep the summary as concise as possible, for 
example: "fails to send email" or "does not start with -q option 
specified" (enter Ctrl+c to exit reportbug without reporting a bug). 

> does not dissect protocol foobar 

Rewriting subject to 'wireshark: does not dissect protocol foobar' 


noc/ie npeAOCTaB/ieHHfl oahoctpohhom cboakh o BaniePi npo6/ieMe Bbi 
Aon>KHbi oueHMTb ee cepbe3HOCTb b paci±ii/ipeHHOM MacniTa6e: 
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How would you rate the severity of this problem or report? 


1 critical 


2 grave 


3 serious 


4 important 

5 does-not-build 

6 normal 

7 minor 

8 wishlist 


makes unrelated software on the system (or the whole 
system) break, or causes serious data loss, or 
introduces a security hole on systems where you install 
the package. 

makes the package in question unusable by most or all 
users, or causes data loss, or introduces a security 
hole allowing access to the accounts of users who use 
the package. 

is a severe violation of Debian policy (that is, the 
problem is a violation of a 'must' or 'required' 
directive); may or may not affect the usability of the 
package. Note that non-severe policy violations may be 
'normal,' 'minor,' or 'wishlist' bugs. (Package 
maintainers may also designate other bugs as 'serious' and 
thus release-critical; however, end users should not do 
so.). For the canonical list of issues worthing a serious 
severity you can refer to this webpage: 
http://release.debian.org/testing/rc_policy.txt 
a bug which has a major effect on the usability of a 
package, without rendering it completely unusable to 
everyone. 

a bug that stops the package from being built from source. 
(This is a 'virtual severity’.) 

a bug that does not undermine the usability of the whole 
package; for example, a problem with a particular option 
or menu item. 

things like spelling mistakes and other minor cosmetic 
errors that do not affect the core functionality of the 
package. 

suggestions and requests for new features. 


Please select a severity level: (normal] 


Ec/im Bbi He yBepeHbi, npocro co6/iK)flaPiTe npaBM/ia cTaHflapTHoPi 
npoueflypbi. Bbi TaKx<e MOweTe OTMeTHTb cbom othct HecKO/ibKHMH 
K/lK)HeBblMM C/lOBaMM! 

npMMeHHMO /in HTO-.ni/i6o H3 Hi/DKenepeHi/icneHHoro k BameMy 
OTneTy? 


Do any of the following apply to this report? 


1 d-i 

2 ipv6 

3 I10n 

4 Ifs 

5 newcomer 


This bug is relevant to the development of debian-installer. 

This bug affects support for Internet Protocol version 6. 

This bug reports a localization/internationalization issue. 

This bug affects support for large files (over 2 gigabytes). 

This bug has a known solution but the maintainer requests someone 
else implement it. 


BonbLUMHCTBO H3 TeroB 6yflyT noHATHbi cKopee Jimiib nocBflineHHbiM, 
ho ec/ii/i Bam othct coflep>KHT ncnpaB/ieHne npo6neMbi, BaM c/ieayeT 
Bbi6paTb Ter patch. 
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Korfla 3tot 3Tan 6yAeT 3aBepi±ieH, reportbug cmcpoeT TeiccTOBbiM 
peflaKTOp C LUa6/10H0M, KOTOpbIM Bbl AOn>KHbl OTpeflaKTHpOBaTb 

(npi/iMep 6.2, «LLIa6/iOH, co3AaHHbiM reportbug» [cTp. 142]). Oh 
coflep>KMT HecKO/ibKO BonpocoB, KOTopbie Bbi AO/i>KHbi cHana/ia 
yAa/iMTb m Ha mx MecTe yi<a3aTb co6cTBeHHbiM otbct, a TaK>Ke 
HeicoTopyK) MHcjDopMauHK) o Baiuei/i cMCTeMe, KOTopaa 6bma 
aBTOMaTMHecKM co6paHa. 06paTMTe BHHMaHi/ie, KaK cTpyKTypnpyK)Tc^ 
nepBbie HecKonbKO ctpok. Ohm He AO/i>KHbi 6biTb M3MeHeHbi, 
nocKonbKy ohm 6yAyT npoaHanM3MpoBaHbi 6ar TpeKepoM, HTo6bi 
Ha3H3HMTb OTHeT cooTBeTCTByKDLUSMy naKeTy. 

flpMMep 6.2 LLIa6noH co3AaHHbiPi reportbug 


Subject: wireshark: does not dissect protocol foobar 

Package: wireshark 
Version: 2.0.2+gal6e22e-l 
Severity: normal 

Dear Maintainer, 

*** Reporter, please consider answering these questions, where appropriate *** 

* What led up to the situation? 

* What exactly did you do (or not do) that was effective (or 
ineffective)? 

* What was the outcome of this action? 

* What outcome did you expect instead? 

*** End of the template - remove these template lines *** 


-- System Information: 

Debian Release: stretch/sid 
APT prefers testing 
APT policy: (500, 'testing') 

Architecture: amd64 (x86_64) 

Foreign Architectures: i386 

Kernel: Linux 4.4.0-l-amd64 (SMP w/4 CPU cores) 

Locale: LANG=fr_FR.utf8, LC_CTYPE=fr_FR.utf8 (charmap=UTF-8) 
Shell: /bin/sh linked to /bin/dash 
Init: systemd (via /run/systemd/system) 


Versions of packages wireshark depends on: 
ii wireshark-qt 2.0.2+gal6e22e-l 

wireshark recommends no packages. 

wireshark suggests no packages. 

--no debconf information 
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rioc/ie coxpaHeHMfl OTneTa i/i 3aKpbiTMfl TeKCTOBoro peflaKTopa Bbi 
B03BpamaeTecb k reportbug, KOTopbiPi npeflOCTaB/i^eT MHO>KecTBO 
flpyrux onum/i n npeA/io>KeHMM j\r\9\ OTnpaBKi/i pe3y/ibTaTi/iBHoro 
OTneTa. 


Spawning sensible-editor... 

Report will be sent to "Debian Bug Tracking System" <submit@bugs.debian.org> 

Submit this report on wireshark (e to edit) (Y|n|a|c|e|i|l|m|p|q|d|t|s|?]7 7 
Y - (default) Submit the bug report via email. 

n - Don't submit the bug report; instead, save it in a temporary file (exits reportbug). 
a - Attach a file, 
c - Change editor and re-edit, 
e - Re-edit the bug report, 
i - Include a text file. 

I - Pipe the message through the pager, 
m - Choose a mailer to edit the report, 
p - print message to stdout. 
q - Save it in a temporary file and quit, 
d - Detach an attachment file, 
t - Add tags. 

s - Add a X-Debbugs-CC recipient (a CC but after BTS processing). 

? - Display this help. 

Submit this report on wireshark (e to edit) (Y|n|a|c|e|i|l|m|p|q|d|t|s|7]7 Y 

Saving a backup of the report at /tmp/reportbug-wireshark-backup-20160328-19073-87oJWJ 

Connecting to reportbug.debian.org via SMTP... 

Bug report submitted to: "Debian Bug Tracking System” <submit@bugs.debian.org> 

Copies will be sent after processing to: 
buxy@kali.org 

If you want to provide additional information, please wait to receive the 
bug tracking number via email; you may then send any extra information to 
n@bugs.debian.org (e.g. 999999@bugs.debian.org), where n is the bug 
number. Normally you will receive an acknowledgement via email including 
the bug report number within an hour; if you haven't received a 
confirmation, then the bug reporting process failed at some point 
(reportbug or MTA failure, BTS maintenance, etc.). 


Co 3 flaHne OTneTa 06 oiun6Ke A-rm /iK)6oro Apyroro npoeKTa 
CBo6oAHoro nporpaMMHoro o6ecneHeHHfl (Free Software Project) 

CymecTByeT 6o/ibiuoe pa 3 H 006 pa 3 ne npoeKTOB cBo6oAHoro 
nporpaMMHoro o6ecneneHHfl, ncno/ib 3 yK)Lunx pa 3 /ii/iHHbie pa6oni/ie 
npoueccbi i/i HHCTpyMeHTbi. 3 Ta pa 3 Hi/iua Tai<>Ke npi/iMeHi/iMa k BceMH 
ncno/ib 3 yeMbiM 6ar TpeicepaM. Xota MHorne npoeKTbi pa 3 MemeHbi Ha 
GitHub i/i ncno/ib3yK)T GitHub Issues A-nfl OTc/ie>Ki/iBaHi/m i/ix olui/i6ok, 
ecTb TaK>Ke mhoto Apyri/ix, Ha KOTopbix pa 3 MemaK)TCfl co6cTBeHHbie 
TpeKepbi, ocHOBaHHbie Ha Bugzilla, Trac, Redmine, Flyspray h ApyrHx. 
BonbLUMHCTBO H3 HMX pa60TaK)T B 1 /lHTepHeTe H Tpe6yK)T, HT06bl Bbl 
3 aperncTpnpoBa/in yneTHyio 3 anncb A-n^ OTnpaBKM HOBoro OTneTa. 

3Aecb Mbi He 6yAeM onncbiBaTb Bee TpeKepbi. 3to 3aBncnT TonbKO ot 
Bac, KaKoPi TpeKep Bbi 6yAeTe ncnonb30BaTb H3 Bcex cymecTByiomHx 
TpeKepoB A-n^ Apyri/ix npoeKTOB cBo6oAHoro nporpaMMHoro 
o6ecneHeHna, ho nocKO/ibKy GitHub OTHOCMTenbHO nony/iapeH, Mbi 
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KpaTKO paccMOTpi/iM ero 3Aecb. KaK m b c/iynae c ApyrnMM TpeKepaMi/i, 
Bbi AO/i>KHbi cHanana co3AaTb yneTHyio 3anncb 1/1 bomtm b Hee. 3aTeM 
nepePiAHTe Ha BK/iaAKy «npo6/ieMbi» (Issues), KaK noKa3aHO Ha 
pi/icyHKe 6.5, «r.naBHafl crpaHi/iua npoeKTa GitHub» [cTp. 144]. 



Features 


Business Explore Marketplace Pricing 


U SECFORCE / sparta 



Pull requests 2 


Network Infrastructure Penetration Testing Tool 


Projects o 


Insights ▼ 


® 17 commits p 1 branch 2 releases 

Branch master New pull request 

p St3r30byt3 Cancelled, crashed and killed processes now also store end time 
Ifc app Cancelled, crashed and killed processes now also store en< 


PucyHOK 6.5 r/iaBHax crpaHnua npoeKTa GitHub 

3aTeM Bbi MOweTe npocMaTpi/iBaTb (h HCKaTb) cnncoK OTKpbiTbix 
npo6/ieM. Ec/ 11/1 Bbi yBepeHbi, hto Bama OLun6Ka eiue He 
3aperncTpnpoBaHa, Bbi MO>KeTe Ha>KaTb KHonKy «HoBaa npo6/ieMa» 
(New issue) (PucyHOK 6.6, CTpaHkiua npo6/ieM npoeKTa GitHub »[crp. 
145]). 


Features Business Explore Marketplace Pricing 


Sign in or Sign up 


iCFORCE/ sparta 


O Watch 71 it Star 49* Y Fork 1S8 


!ode ® Issues 17 T Pui requests 2 I 1 * Projects 0 Insights ▼ 


Labels Milestones 



17 Open ✓ 46 Closed 


Author» Labels » Projects w Milestones » Assignee * Sort» 


Help with the hydra on win 10 cygwin £3 l 

#72 opened 12 days *90 by husbusnumoko 

Implement Result Generation feature 

#71 Opfrwd 17 days ago by Insalda 

Pmc. 66 CTpaHkiua npo6/ieM npoeKTa GitHub 
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Tenepb Bbi HaxoAHTecb Ha crpaHi/iue, rAe Bbi AO/i>KHbi onucaTb cbokd 
npo6neMy (pi/icyHOK 6.7, «OopMa GitHub Ann co3AaHM5i hobom 
npo6/ieMbi» [cTp. 145]). HecMOTpa Ha OTcyTCTBkie Lua6/iOHa, 
noAo6Horo TOMy KOTopbiPi npeAOcraB.rm.nc5i b reportbug, MexaHM3M 
OTHeTHOCTM 06 OLUH6KaX AOBO/lbHO npOCT. Oh n03B0/lJReT BaM 
npmcpen/mTb cjDaM/ibi, npi/iMeHATb c|3opMaTi/ipoBaHi/ie k TeKcry m MHoroe 
Apyroe. KoHenHO, Ann A0cn/i>KeHi/m HamiyHLUMx pe3y/ibTaTOB 
o6jR3aTe/ibHO cnenytiTe Haun/iM peKOMeHAaui/mM no co3AaHmo 
noApo6Horo 1/1 xopomo onncaHHoro OTneTa. 


U SCCFORCE / spjrta O WMdi *71 * Su 

oCod* © Htu*i 17 * Kil requMti 7 |M Frojectt 0 Srn-gtiU » 

■±- 


Pmc. 6.7 GitHub cpopMa a/w perucrpaLiMM HOBoro or^era 06 olum6k6 


Tflit iuit« failure with Python 3.S 
Wr<e Preview 


u <> ‘b := e ^ 



6.4 lloABeAeM MTO rn 

B 3tom pa3Aene Mbi o6cyAn/in pa3/iMHHbie MeTOAbi, KOTopbie noMoryT 
BaM H3MTM AOKyMeHTaqMK) H HHC^OpMapHK) 0 npOTpaMMaX M nOMCKy 
nOMOLUH B peilieHHM npo6/ieM, C KOTOpblMM Bbi MO>KeTe CTO/1 KHyTbCfl. 
Mbi nocMOTpe/iM Ha man m info crpaHi/iubi, a TaK>Ke no3HaKOMM/incb c 
KOMaHAaMi/i apropos 1/1 info. Mbi o6cyAnrm OTc/ie>Ki/iBaHi/ie olum6ok, 
npeAOCTaBM/iM HecKO/ibKO cobctob o tom, KaK MCKaTb h OTnpaB/i5iTb 
xopoiiiMe OTneTbi 06 OLun6Kax, a TaK>Ke npi/iBerm HecKO/ibKO cobctob, 
KOTopbie noMoryT BaM noHJiTb, kto 5iB/meTC5i B/iaAe/ibqeM ashhom 
nporpaMMbi v\nv\ npoeKTa. 

OCHOBHbie MOMeHTbi: 

• npe>KAe neM Bbi cMO>KeTe noHJiTb, hto nponcxoAHT, KorAa 
B03HHKaeT npo6neMa, BaM Hy>KHO 3HaTb TeopeTHnecicyK) po/ib 
Ka>KAoPi nporpaMMbi, cB5i3aHHOM c npo6neMoPi. Oahh m3 /lynniMx 
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cnoco6oB cflenaTb bto - npocMOTpeTb AOKyMeHTauMK) nporpaMMbi; 

• f\nn Toro HTo6bi npocMOTpeTb crpaHMuy pyKOBOACTBa npocTO 
BBeflMTe manual-page , yKa3aB mma KOMaHAbi noc/ie 
Heo6jR3aTe/ibHoro HOMepa pa3Ae/ia; 

• KoMaHAa apropos BbiBOAHT cnucoK crpai-mu pyKOBOACTBa, b cboakc 
KOTopbix yKa3aHbi 3anponieHHbie K/noneBbie c/iOBa, a Tai<>Ke 
OAHOCTpOHHOe pe3K)Me M3 CTpaHMUbl pyKOBOACTBa; 

• llpoeKT GNU noAroTOBMn pyKOBOACTBa Ann 6o/ibi±iMHCTBa cbomx 
nporpaMM b info ct>opMaTe. Bot noneMy MHorMe CTpaHMUbl 
pyKOBOACTBa ccbmaiOTCK Ha cooTBeTCTByiomyK) info 
AOKyMeHTauMK). 

• Ka>KAbiM naKeT BK/iKDHaeT b ce6a co6cTBeHHyK) AOKyMeHTauMK), m 
A a>Ke HaMMeHee 3 aAOKyMeHTMpoBaHHbie nporpaMMbi o6biHHO 
coAep>KaT c^aPm README, coAepwamMM HeKOTopyio MHTepecHyK) m 
/ m/im Ba>KHyK) MHcf)opMauMK). 3 Ta AOKyMeHTauMK ycraHaB/iMBaeTCK 
b AnpeKTopMK) /usr/share/doc/package/; 

• B 6o/ibLUMHCTBe c/iynaeB b pa 3 Ae/ie FAQ m/im b apxMBax noHTOBbix 
paccbi/iOK Ha oct)MUManbHOM Be6-caMTe nporpaMMbi MoryT 
HaXOAMTbCK MHCf)OpMaUMK 0 pa 3 peilieHMM npo6/ieMbl, C KOTOpbIMM 
Bbi CTonKHynMCb; 

• npoeKT Kali coagp>kmt m noAAep>KMBaeT co6paHMe oneHb no/ie 3 HOM 
AOKyMeHTauMM Ha http://docs.kali.org; 

• npoeKT Kali Linux Mcno/ib3yeT KaHan # kali-linux b ceTM IRC 
Freenode. Bbi MO>KeTe Mcno/ib30BaTb chat.freenode.net b KanecTBe 
IRC-cepBepa Ha nopTy 6667 Ann TLS-3ai±iMc|3poBaHHoro 
coeAMHeHMK m/im nopTa 6666 Ann TeKCTOBoro coeAMHeHMK. HTo6bi 
npMCOeAMHMTbCK K 06 cy>KAeHMKM B IRC, Bbi AO/l>KHbl MCn0/lb30BaTb 
IRC-k/imcht, TaKoPi KaK hexchat (b rpacj^MHecKOM pe>KMMe) m/im irssi 
(b KOHco/ibHOM pe>KMMe). CymecTByeT Tao<e Be6-K/iMeHT, 
AOCTynHbiM Ha webchat.freenode.net 23 ; 

• Ocf)MUMa/ibHbie cjDopyMbi coo6mecTBa Kali Linux pacno/io>KeHbi Ha 
forums.kali.org 24 ; 

• Ec/im Bbi o6Hapy>KMTe oniM6Ky b nporpaMMe, Bbi MO>KeTe MCKaTb 
OTHeTbl 06 0LUM6KaX M/IM C 03 AaBaTb MX CaMOCTOKTe/lbHO. 
06 K 3 aTe/ibHO c/ieAyMTe M 3 /io>KeHHbiM Bbirne peKOMeHAauMKM, 
HT06bl y6eAMTbCK, HTO OTHeT HeTKMM, BCeobteM/lKDIAMM M nOBbllliaeT 
BepoKTHOCTb Toro, hto oniM6Ka 6yAeT ycTpaHeHa pa 3 pa 6 oTHMKaMM 
cBoeBpeMeHHo; 

• HeKOTopbie OTneTbi 06 oniM6Kax AO/i>KHbi 6biTb OTnpaB/ieHbi b Kali, 


23 https://webchat.freenode.net 
24 https://forums. kali.org 
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a flpyrkie MoryT 6 biTb noflaHbi b Debian. KoMaHfla Tuna dpkg -s 
package-name \ grep ^ Version: noicaweT HOMep Bepcm/i m 
6 yAeT MMeTb noMeTKy «kali», ecni/i bto moam (£n 141/1 poBaHHbM Kali 
naKeT; 

• Onpefle/ieHna cooTBeTCTByiomero BamePi oi±ii/i 6 i<e npoeKTa 1/1 
HaxowAem/ie Mecra, KyAa noAaBaTb OTneT o 6 bNHO He nBnneTcn 
cepbe3HoPi npo 6 neMoPi. npocTO npocMOTpi/ue cooTBeTCTBy kdluhm 
B e 6 -caPiT, KOTopbiPi o 6 bNHO OTo 6 pa>KeH b none Homepage MeTa- 
AaHHbix naKeTMpoBaHMn; 

• Kali ncnonb3yeT 6ar TpeKep b HHTepHeTe Ha https://bugs.kali.org, 
TAe Bbl MO>KeTe aHOHl/IMHO 03 HaK 0 MHTbCn CO BCeMH OTHeTaMH 06 
oi±ii/i6i<ax, ho ecni/i Bbi xon/ue npoKOMMeHTHpoBaTb nni/i noAaTb 
HOBbiM OTneT 06 oi±ii/i6i<e, BaM Heo6xoAHMO 3 aperncTpnpoBaTb 
yneTHyio 3 anncb; 

• Debian ncnonb3yeT (b ochobhom) ci/icTeMy OTcne>KHBaHnn oi±ii/i6ok 

Ha ocHOBe aneKTpoHHoPi noHTbi, i/i3BecTHyK) KaK Debbugs. HTo6bi 
OTKpbITb HOBbiM OTHeT 06 011IM6Ke, Bbl MO>KeTe OTnpaBHTb 

aneKTpoHHoe nncbMO (co cneui/ianbHbiM cMHTaiccMcoM) Ha 
submit@bugs.debian.org nni/i Bbi MO>KeTe ncnonb30BaTb KOMaHAy 
reportbug, KOTopan npoBeAeT Bac nepe3 btot npouecc; 

• XoTn MHorne npoeKTbi pa3MemeHbi Ha GitHub m ncnonb3yK)T GitHub 
Issues A-rm OTcnewMBaHMn mx oi±im6ok, ecTb m MHorne Apyrne, y 
KOTopbix ecTb CB01/1 co6cTBeHHbie Tpeicepbi. Bo3mo>kho, BaM 
npMAeTcn MccneAOBaTb ocHOBbi m npaBHna Apyrnx TpeKepoB 
oi±ih6ok, ecnH BaM Hy>KHO 6yAeT ony6nnKOBaTb TaM OTneT 06 
oinn6Ke. 

Tenepb, KorAa y Bac ecTb ocHOBHbie HHCTpyMeHTbi A-rm HaBMrau mm no 

Linux, ycraHOBKH h HacrpoMKM Kali, a Taioxe A-rm HacrpoMKM BaniePi 

CMCTeMbi h nonyneHMn noMomn, npmuno BpeMn B3rnnHyTb Ha 

6noKnpoBKy Kali, HTo6bi Bbi Mornn 3amnTHTb cbokd HHCTannnumo, a 

Ta K>Ke AaHHbie cBoero KnkieHTa. 
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HacTb 7: 3amma m mohmtopmht Kali Linux 

CoaepwaHne: 

7.1 OnpeAeneHne no/ii/iTi/iKi/i 6e3onacHOCTi/i 

7.2 Bo3MO>KHbie Mepbi 6e3onacHOCTM 

7.3 3amnTa ceTeBbix c/iy>K6 

7.4 BpaHAMayap mjim c|3i/i.nbTpai4Mfl naKeTOB 

7.5 MoHUTopHHr n npoTOKO-ni/ipoBai-me 

7.6 lloABeASM mtoth 

K/ifoneBbie c/iOBa maBbi: 

• rio/iMTMKa 6e3onacHOCTn; 

• BpaHAMayap iptables; 

• Mohhtophht JlornpoBaHne; 
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KaK mnbKO Bbi HanHeTe Mcno/ib30BaTb Kali Linux unn 6onee 
KOHc^MAeHUManbHOM i/i BbicoKonpoc|DMnbHOM pa6oTbi, BaM, cKopee 
Bcero, cpa3y noHaflo6uTbCjR OTHecmcb k 6e3onacHOCTM BameM 
MHCTa/irmuMM HaMHoro cepbe3HeM. B btom rnaBe Mbi BHana/ie o6cyflMM 
no/iuTMKy 6e3onacHOCTM, BbiAe/iMM pa3/iMHHbie MOMeHTbi, KOTopbie 
cneAyeT yHMTbiBaTb npn onpeAe/iem/ii/i noAo6Horo poAa no/iMTMKM, m 
BbiAe/iuTb HeKOTopbie yrpo3bi A-rm BameM cMcreMbi m A-nfl sac KaK 
cneqMa/iMCTa b ccj^epe 6e3onacHOCTM. Mbi TaKwe o6cyAMM Mepbi 
6e3onacHOCTM A-rm HoyT6yKOB m AecKTonHbix cMcreM, a Tao<e 
cocpeAOTOHMMCJR Ha 6paHAMayapax m ct)M/ibTpai4MM naKeTOB. B 
HaCTHOCTM, Mbi 06 cyAMM MHCTpyMeHTbl MOHMTOpMHTa M CTpaTei~MM, a 
TaK>Ke noKa>KeM BaM, KaK HaM/iynmMM o6pa30M pea/iM30BaTb mx A-na 
o6Hapy>KeHM?i noTeHUMa/ibHbix yrpo3 A-nfl BameM CMcreMbi. 


7.1 OnpeAe/ieHMe iio/imtmkm 6e3onacHOcm 

HeT HMKaKoro cMbic/ia o6cy>KAaTb 6e3onacHOCTb b o6meM, nocKO/ibKy 
MAea npeACTaB/iaeT co6om lumpokmm cneKTp noH^TMM, MHcrpyMeHTOB 
m npoqeAyp, hm OAHa M3 KOTopbix He npMMeHfleTCfl noBceMecTHO. Bam 
Bbi6op cpeAM 3Toro mMpoKoro cneKTpa, b nepByio onepeAb, 6yAeT 
3aBMceTb ot nocTaB/ieHHOM BaMM 3aAaHM. 3ai±iMTa cMCTeMbi 
HaHMHaeTca c OTBeTa Ha HecKO/ibKO BonpocoB. CrpeM/ieHMe k 
BHeApeHMK) npoM3BO/ibHoro Ha6opa MHCTpyMeHTOB conpaweHO c 
Pmckom cocpeAOTOHMTb C9\ Ha HenpaBM/ibHbix acneKTax 6e3onacHOCTM. 

5e3yc/iOBHO, BcerAa nynme onpeAe/iMTb KOHKpeTHyio ue/ib. 
TpaMOTHbIM nOAXOA, KOTOpbIM nOMO>KeT BaM B 3T0M 3aK/lK)HaeTCfl B 
nocTaHOBKM cneAyiomMx BonpocoB: 

• Hto Bbi nbuaeTecb 3amMTMTb? no/iMTMKa 6e3onacHOCTM 6yAeT 
OT/lMHaTbCfl B 33BMCMM0CTM OT TOTO, XOTMTe /1M Bbi 3aLUMTMTb 
KOMnbiOTepbi m/im AaHHbie. B noc/ieAHeM c/iynae BaM Tao<e 
Heo6xOAMMO 3HaTb, K3KMe MMeHHO ASHHbie Bbi XOTe/lM 6bl 
3aLUMTMTb. 

• Ot vero Bbi XOTMTe 3a mMTMTbCfl ? 3to MO>KeT 6biTb yTenKa 
MHcj^opMauMM m/im c/iyHaMHafl noTepa AaHHbix, bo3mo>kho penb 
mast o noTepe AOxoAa, Bbi3BaHHOM HapymeHMeM pa6oTbi c/iy>K6. 

• TaK>Ke OT KOTO Bbi XOTMTe 3aLUMTMTbCfl? Mepbi 6e30naCH0CTM 
6yAyT coBepmeHHO pa3HbiMM, HanpMMep, A-n^ 3ai±iMTbi ot 
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c/iynaMHOM onenaTKM nocroflHHbiM no/ib30BaTe/ieM CMCTeMbi m/im 
>Ke Ann 3amnTbi ot onpeAe/ieHHOM rpynnbi BHeuiHMx 
3/lOyMblLU/ieHHMKOB. 

TepMMH «pncK» o6bNHO Mcno/ib3yeTCfl A-n^ coBMecTHoro 
0603HaHeHMf1 3T MX TpeX Ct)aKTOpOB: HTO 3aLUHTMTb, HTO Hy>KHO 
npeAOTBpaTMTb, m kto AO/i>KeH bto CAe/iaTb. MoAe/ii/ipya pmckm BaM b 
nepByK) onepeAb Heo6xoAHMO OTBeTMTb Ha Tp m 3thx Bonpoca. Ha 
3tom MOAe/ii/i pMCKa MO>KeT 6biTb nocTpoeHa nojiMTMKa 6e3onacHOCTM, 
m Aa/iee 3Ta no/iMTMKa MO>KeT 6biTb pea/iM30BaHa nyTeM npi/iHATi/m 
KOHKpeTHbix pemeHHH m Bbino/iHeHMA nocneAOBaTe/ibHOCTM 
onpeAeneHHbix asmctbmm. 


HeM3MeHHblM Bonpoc 

Bpioc HlHaPiep (Bruce Schneier), mmpobom BKcnepT no BonpocaM 
6e3onacHOCTM (m He TO/ibKO no KOMnbKrrepHOM 6e3onacHOCTM), 
nbITaeTCfl npOTMBOCTOflTb OAHOMy M3 CaMbIX B3>KHblX MM(f)OB B 
coBpeMeHHOM 6e3onacHOCTM, Mcno/ib3yfl asbh3: «5e3onacHOCTb - bto 
npouecc, a He npoAyKT». Aktmbh, KOTopbie Hy>KHO 3aLumuaTb, 
MeH^KDTCjq co BpeMeHeM, m tohho TaK>Ke MeHflKrrcfl yrpo3bi m cpeACTBa, 
AOCTynHbie noTeHUManbHbiM 3/ioyMbnu/ieHHHKaM. flawe ec/iM 
no/iMTMKa 6e3onacHOCTM M3HaHa/ibHO 6bma a6co/iK)THO rpaMOTHO 
pa3pa6oTaHa m pea/iM30BaHa, Bbi HMKorAa He AO/i>KHbi 
ocTaHaBnMBaTbca Ha AOCTi/irHyTOM. KoMnoHeHTbi pMCKa pa3BMBaiOTCfl 
M MeHflIOTCfl, M OTBeT Ha 3T0T pHCK AO/l>KeH pa3BMBaTbCfl AO/l>KHblM 
o6pa30M. 


KpoMe Toro, oneHb b3>kho yHMTbiBaTb Aono/iHMTe/ibHbie orpaHi/NeHi/m, 
nocKO/ibKy ohm MoryT orpaHMHMBaTb Anana30H AOCTynHbix no/iMTMK. 
Ba>KHO noHMMaTb, HacKO/ibKO Aa/ieKO Bbi roTOBbi 33mtm Ann 3amm"bi 
co6cTBeHHOM CMCTeMbi? 3tot Bonpoc MMeeT 6onbiuoe 3HaneHMe A-rm 
pea/iM3auMM no/iMTMKM. C/imlukom nacro OTBeT onpeAenaeTCfl TO/ibKO 
C TOHKM 3peHMJR ASHe>KHblX M3ASp>KeK, HO T3K>Ke C/ieAyeT yHMTbIBaTb 
Apyrne 3/ieMeHTbi, TaKMe KaK ko/imhcctbo HeyAo6cTB, Ha/io>KeHHbix Ha 
no/ib30BaTeneM CMCTeMbi v\nv\ yxyALueHMe npoM3BOAHTe/ibHOCTM. 

KaK TO/lbKO OCHOBHbie PMCKM 6yAyT CMOAe/lMpOBaHbl, Bbi CMO>KeTe 
npMCTynMTb k npoeKTMpoBaHMio no/iMTMKM 6e3onacHOCTM. 
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ECTb KpaPiHOCTM, C KOTOpbIMM Bbl MO>KeTe CTOAKHyTbCfl npM npMHATMM 
peweHi/m o Heo6xoAHMOM ypoBHe 6e3onacHOCTM. C oahom cropoHbi, 
Hpe3BbNaPiHO npocTO o6ecneHHTb 6a30ByK) 6e3onacHOCTb cMCTeMbi. 

HanpuMep, ec/in cMcreMa, KOTopaa AO/i>KHa 6biTb 3 ammueHa, 
npeACTaB/iaeT co6oPi Bcero nmub noAepwaHHbiPi KOMnbKrrep, 
eAHHCTBeHHoPi 3aAanePi KOToporo ABAseTCfl Ao6aBneHne HecKOAbKMx 
Hkicen b KOHue aha, to peuieHMe He Ae/iaTb HMnero oco6eHHoro aaa 
Toro, HTo6bi 3amnTHTb ero, ABAaeTCA BnoAHe ce6e pa3yMHbiM m 
aAGKBaTHbiM. BHyTpeHHee 3HaneHne CMCTeMbi HM3Koe, a 3HaneHne 
AaHHbix paBHO HynK), TaK KaK ohm He xpaHATca Ha KOMnbKrrepe. 
IIOTeHUMa/lbHblM 3/lOyMblLLI/ieHHMK, npOHMKLUMM B 3Ty CMCTeMy, 
nonyHMT TO/ibKO Ka/ibKy/i^Top. Ctommoctb o6ecneHeHMfl TaicoPi 
CMCTeMbi, BepoaTHO, 6yAeT 6o/ibiue, neM ctommoctb ee B3/iOMa. 

C APyrOM CTOpOHbl, Bbl, B03M0>KH0, 3aXOTMTe 3aLUHTMTb 
KOHCf)MASHUMa/lbHOCTb CeKpeTHbIX ASHHblX CaMbIM BCeo6'beMAK)LUHM 
nyTeM, iokmm mnbKO bo3mo>kho, 3a6biB npM 3tom o KaKMX-/iM6o 
ApyrMx Bonpocax. B btom c/iynae noAxoAflLUHM cnoco6oM pea/iM3auMM 
BamePi ue/iM 6yAeT no/iHoe yHMHTO>KeHMe AaHHbix (6e3onacHoe 
CTMpaHMe ct)aPi/iOB, M3MenbneHMe >KecTKMx ahckob b 6MTbi, 3aTeM 
pacTBopeHMe btmx 6mtob b KMc/iOTe m t. a-)- Ecam ecTb 
AonoAHMTeAbHoe Tpe6oBaHMe, KOTopoe 3aKAK)HaeTCfl b tom, hto 3tm 
AaHHbie AOA>KHbi coxpaHMTbca b naMATM unn 6yAymero 
McnoAb30BaHM?i (xoTfl m He 6biTb BcerAa nerico AOCTynHbiMM), m ecAM 
CTOMMOCTb aaa Bac no-npe>KHeMy He ABAAeTca BecoMbiM c^aKTopoM, 
to onTMMaAbHbiM BapMaHTOM 6yAeT xpaHeHMe AaHHbix b Kopnyce, 

COCTOALUeM M3 MpMAMM-nAaTMHOBbIX llAaCTMH, XpaHALUSMCA B 
6oM6oHenpoHMuaeMbix 6yHKepax noA pa3HbiMM ropaMM b MMpe, 
Ka>KAblPi M3 KOTOpbIX (KOHeHHO >Ke) M ABAfleTCA nO/lHOCTbK) CeKpeTHbIM 
M OXpaHAeTCA UeAbIMM apMMAMM. 

Bo3mo>kho, 3tm npMMepbi MoryT noKa3aTbCA BaM oneHb rpoTecKHbiMM, 
ohm, TeM He MeHee, asiot a6coAK)THO aAeKBaTHbiPi otbct Ha 
onpeAeAeHHbie pmckm, nocKO/ibicy ohm abaaiotca pe3yAbTaTOM 
MbicAMTeAbHoro npouecca, KOTopbiPi b cboio onepeAb paccMaTpMBaeT 
nocTaBAeHHbie ueAM m orpaHMneHMA, KOTopbie Bbi TaK>Ke yHMTbiBaeTe. 
I/ICXOA^ M3 060 CH 0 BaHH 0 l "0 peilieHMA, HMK3K3A nOAMTMKa 
6e3onacHOCTM He abaactca 6oAee mam MeHee AOcraTOHHOM, neM 
Aio6aA ApyraA. 
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Bo3Bpamaacb k 6o/iee TMnMHHOMy c/iynaK), MH^opMauMOHHafl 
CMCTeMa MO>KeT 6biTb cerMeHTMpoBaHa b nocneAOBaTe/ibHbie m, b 
ochobhom, He3aBncnMbie noACMCTeMbi. Ka>KAaa noACMcreMa 6yAeT 
i/iMeTb cbom co6cTBeHHbie Tpe6oBaHM?i m orpam/iHeHi/m, noaTOMy 
oqeHKa pMCKa m pa3pa6oTKa no/iMTMKM 6e3onacHOCTM AO/i>KHbi 
npoBOAHTbca OTAe/ibHO A-n^ iojkaom noACMCTeMbi. XopouiMM npMHunn, 
KOTOpbIM C/ieAyeT MMeTb B BMAy, coctoht b tom, HTO ManyK) 
noBepxHOCTb aTaKM HaMHoro nerne 3ammuaTb, neM 6o/ibiiiyK). 
CeTeBaa opraHM3auMu Ta K>Ke AO/i>KHa 6biTb cnpoeKTMpoBaHa 
c/ieAyK)mnM o6pa30M: yu3BMMbie c/iy>K6bi AO/i>KHbi 6biTb 
CKOHUeHTpi/ipOBaHbl Ha He 60 /lbLU 0 M KO/lMHeCTBe MaLUMH, M 3TM 
MaLUMHbl AO/l>KHbl 6blTb AOCTyilHbl TO/lbKO Hepe3 MMHMMa/lbHOe 
KO/lMHeCTBO MapLUpyTOB M/1M KOHTpO/lbHblX TOHeK. JlOrMKa OHeHb 
npocTa: uerne 3ammnaTb stm KOHTpo/ibHbie tohkm, neM 3ammuaTb Bee 
yfl3BMMbie MaLUMHbl, COAep>Kamne KOHCjDMASHUMa/lbHyK) MHCf)OpMaUMK), 
ot Bcero BHeniHero MMpa. Mmchho b stot momcht cTaHOBMTcu 
oneBMAHOM no/ib3a ceTeBOM cjDM/ibTpaMMM (b tom HMc/ie 
6paHAMay3paMM). 3Ta c^MUbTpauMa MO>KeT 6biTb pea/iM30BaHa c 
noMOLUbio Mcno/ib30BaHMa cnepMa/ibHoro o6opyAOBaHMu, ho 6o/iee 
npocTbiM m tm6kmm pemeHMeM uBrmeTCfl Mcno/ib30BaHMe 
nporpaMMHoro 6paHAMayapa, MHTerpMpoBaHHoro b ua po Linux. 


7.2 Bo3MO>KHbie iv\epbi 6e3onacHOCTM 

Kax y>Ke noucHu/iocb b npeAbiAymeM pa3Ae/ie, HeT eAUHoro OTBeTa Ha 
Bonpoc o tom, Kax 3amnTMTb Kali Linux. Bee 33bmcmt ot toto, iokmm 
o6pa30M Bbi ero Mcno/ib3yeTe m hto mmchho Bbi nbiTaeTecb 3ai±iMTMTb. 


7.2.1 Ha cepBepe 

Ec/im Bbi 3anycTMTe Kali Linux Ha o6meAOCTynHOM cepBepe, Bbi, 
CKopee Bcero, 3axoTMTe 3ai±iMTMTb ceTeBbie c/iy>K6bi nyTeM M3MeHeHMu 
uio6bix napo/ieu no yMO/inaHMio, KOTopbie MoryT 6biTb HacTpoeHbi (cm. 
Pa3Ae/i 7.3 «3ai±iMTa ceTeBbix c/iy>K6» [cTp. 153]) m, bo 3 mo>kho, 
TaK>Ke nyTeM orpaHMneHMu mx AOCTyna c noMombio 6paHAMayapa (cm. 
pa3Ae/i 7.4, «BpaHAMayap mum cj^MUbTpauMu naKeTOB» [cTp. 153]). 
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Ecam Bbi nepeflaeTe yneTHbie 3anncn no/ib30BaTe/ieM am6o 
HenocpeACTBeHHO Ha cepBepe, /in60 Ha oahom m3 cAyw6, Bbi b ak>6om 
c/iynae 3axoTHTe y6eAMTbca, hto Bbi ycraHaBAMBaeTe HaAewHbie 
napo/iM (ohm AOAWHbi 6biTb cnoco6Hbi npoTMBOCTOATb brute-force 
aTaKaM). B to we BpeMA Bbi MOweTe 3axoTeTb ycTaHOBMTb faH2ban, 
hto 3HaHMTe/ibHO yc/iowHMT b3/iom napoAei/i c noMOLUbio brute-force 
no ceTM (oTcf)M/ibTpoBbiBa?i IP-aApeca, KOTopbie npeBbimaiOT ammmt 
HeyAanHbix nonbiTOK bxoas b cMCTeMy). YcraHOBMTe fail2ban c 
noMOLUbio apt update, 3a KOTopbiM cneAyeT KOMaHAa apt install fail 
2ban. 

Ec/im Bbi 3anycKaeTe Be6-c/iy>K6bi, Bbi, BepoflTHO, 3axoTMTe 
pa3MecTMTb mx nepe3 HTTPS, HTo6bi ceTeBbie nocpeAHMKM He 
OTC/ie>KMBa/lM Baill Tpact)MK (XOTOpbIM MOWeT BK/lK)HaTb B Ce6fl C^aM/lbl 

ayTeHTMcjDMKauMM cookie). 


7.2.2 Ha HoyT6yKe 

HoyT6yK TecTMpoBLAMxa Ha npoHMKHOBeHMe He noABepweH TeM we 
PMCK3M, HTO M OTXpbITbIM CepBep: HanpMMep, MeHee BepOATHO, HTO Bbi 
CTaHeTe o6"bexTOM cnynaMHoro cxaHMpoBaHMA co cTopoHbi cxpnnT- 
kmaah, m Aawe, ec/iM bto npoM30MAST, y Bac bpra am 6yAyT 
AOCTynHbiMM KaKMe-AM6o ceTeBbie cAyw6bi. 

PeaAbHbiPi pmck B03HMKaeT MMeHHO TorAa, KorAa Bbi nyTemecTByeTe 
ot oahoto KAMeHTa k ApyroMy. HanpMMep, Bam HoyT6yx MOweT 6biTb 
yxpaAeH bo BpeMA noAo6Horo poAa noe3AKM mam M3"bAT Ha TaMOWHe. 
Bot noneMy Bbi, cxopee Bcero, 3axoTMTe McnoAb30BaTb noAHoe 
mMcjDpoBaHMe A^cxa (cm. Pa3AeA 4.2.2 «YcTaHOBxa Ha noAHOCTbio 
3amMCf)pOBaHHOM (f)aMAOBOM CMCTeMe» [CTp. 85]) M, B03M0WH0, Taxwe 
HacTpoMTe cjDyHKMMio «nuke» (cm. «flo6aBAeHMe napoAA Nuke aaa 
AonoAHMTeAbHOM 6e3onacHOCTM "[CTp. 245]): AaHHbie, KOTopbie Bbi 
C 06 paAM BO BpeMfl BameM pa 60 Tbl, ABAAKDTCA XOHC|}MAeHI4MaAbHblMM m 
Tpe6yiOT MaKCMM3AbH0M 3aLUMTbl. 

BaM Taxwe MoryT noTpe6oBaTbCA npaBMAa 6paHAMay3pa (cm. Pa3AeA 
7.4, «BpaHAMay3p mam c^MAbTpauMA naxeTOB» [CTp. 153]), ho He aaa 
tom we ueAM, hto m Ha cepBepe. Bo3mowho, Bbi 3axoTMTe 3anpeTMTb 
Becb mcxoa^lumm TpacJ^Mx, xpoMe Tpacj^Mxa, reHepMpyeMoro BamMM 
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VPN-AOCTynoM. 3to noAo6HO 6e3onacHOM ceTM, Taic hto ec/iM 
nepecTaeT pa6oTaTb, Bbi MOMeHTa/ibHO 3aMenaeTe bto (BMecTO Toro, 
HTo6bi B03BpamaTbCjR k noKa/ibHOMy ceTeBOMy AOCTyny). TaKMM 
o6pa30M, Bbi He pa3rnaiuaeTe IP-aApeca cbomx K/iMeHTOB npi/i 
npocMOTpe Be6-CTpaHMM m/im Apyrnx ceTeBbix AeMCTBMax. KpoMe Toro, 
ec/iM Bbi Bbino/iHfleTe noKa/ibHoe BHyTpeHHee B3anMOAeMCTBne, 
nyHLUe BCerO KOHTpO/lMpOBaTb CBOK) ASflTe/lbHOCTb, HT 06 bl yMeHbLUMTb 
LuyM, co3AaBaeMbiM b ceTi/i, KOTopbiM MO>KeT npeAynpeAHTb K/iMeHTa m 
MX CMCTeMbl 3aLUHTbl. 


7.3 3amnTa ceieBbix c/iy>K6 

5e3yc/iOBHO, OTK/iK)HMTb c/iy>K6bi, KOTopbie Bbi He Mcno/ib3yeTe, 
nsnnejcn ot/imhhom maggm . Kali ynpomaeT bto, nocKO/ibKy 
6onbiiiMHCTBO ceTeBbix cny>K6 no yMO/inaHMio OTK/iiOHeHbi. 

noKa c/iy>K6bi ocraiOTCfl OTK/noHeHHbiMM, ohm He npeACTaBrmiOT 
yrpo3bi 6e3onacHOCTM. OAHaKO Bbi AO/i>KHbi 6biTb ocTopo>KHbi npM mx 
BK/ uoneHMM, noTOMy hto: 

• no yMO/inaHMK) y hmx HeT 6paHAMayapa, nosTOMy, ec/iM ohm 
npoc/iyuiMBaiOT Bee ceTeBbie MHTep<t>eMCbi, to ohm AB.nflK)TCfl 
AOBO/ibHO AOCTynHbiMM Ann o6mecTBeHHOCTM. 

• HeicoTopbie c/iy>K6bi He MMeiOT yneTHbix AaHHbix m no3BonaK)T 
ycTaHaBnMBaTb mx npM nepBOM Mcnonb30BaHMM; ApyrMe MMeiOT 
CTaHAapTHbie (m, c/ieAOBaTenbHO, lumpoko M3BecTHbie) yneTHbie 
AaHHbie. YAOCTOBepbTecb, hto Bbi (nepe)ycTaHOBMHM napo/ib, 
KOTOpbIM M3BeCTeH TO/lbKO BaM. 

• MHorMe cny>K6bi Bbino/iHflK)TCfl c npaBaMM root m, 

COOTBeTCTBeHHO, C nO/lHblMM npaBaMM aAMMHMCTpaTOpa, 
noaTOMy noc/ieACTBMjR HecaHKUMOHMpoBaHHoro AOCTyna m/im 
HapyweHMfl 6e3onacHOCTM o6biHHO flBrmiOTCfl 

KaTaCTpOCf)MHeCKMMM. 


YneTHbie AaHHbie no yMO/maHHio 

Mbi He 6yAeM nepenMcrmTb 3Aecb Bee MHcrpyMeHTbi, KOTopbie 
nocTaB/i?iK)Tc?i c yneTHbiMM AaHHbiMM no yMonnaHMio, BMecTO btoto Bbi 
AO/i>KHbi npoBepMTb cjoaM/i README.Debian cooTBeTCTByiOLUMX 
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naiceTOB, a Tai<>Ke docs.kali.org 1 m tools.kali.org 25 26 , HTo6bi y3HaTb, 
Hy>KAaeTCfi /im cny>K6a b cneuMa/ibHOM o6c/iy>KMBaHMM unn 
o6ecneHeHMfl AOcraTOHHoro ypoBHA 6e3onacHOCTM. 

Ec/im Bbi 3anycTMTecb b pe>KMMe pea/ibHoro BpeMeHM, napo/ib yneTHOM 
3anncn root 6yAeT «toor». TaKMM o6pa30M, Bbi He AO/i>KHbi BK/nonaTb 
SSH nepeA M3MeHeHneM napo/ia yneTHOM 3anncn root m/im nepeA TeM, 
KaK HacTpoMTb cbokd KOHcj^MrypauMio A-n^ 3anpeTa BxoAa Ha ocHOBe 
naporm. 

TaK>Ke o6paTme BHMMaHMe, hto, KaK M3Becmo, npoeKT BeEF ((m3 y>Ke 
ycTaHOB/ieHHoro naKeTa beef-xss ) MMeeT yneTHbie AaHHbie no 
yMO/inaHHK): hm^i no.nb30BaTe.rm "beef", m napo/ib "beef"), >KecTKO 
3aKOAnpoBaH b c^aPi/ie KOHcj^MrypauMM. 


7.4 EpaHflMayap m/im (|)M/ibTpaL^km naKeTOB 

BpaH/jMayap AB/meTca nacTbio KOMnbKrrepHoro o6opyAOBaHna c 
annapaTHbiM o6ecneneHMeM, nporpaMMHbiM o6ecneneHMeM m/im m TeM, 
m ApyrMM, KOTopoe aHa/iM3npyeT BxoA^mne m/im McxoA^mne ceTeBbie 
naKeTbi (npi/ixoAflmne m/im McxoAflLUMe M3 ziOKa/ibHOM ceTM) m 
npOnyCKaeT TO/lbKO Te, KOTOpbie COOTBeTCTByiOT KOHKpeTHbIM 
npeAonpeAe/ieHHbiM yc/iOBMAM. 

0n/ibTpyK)mnti ceTeBoPi LU/1KD3 AB/meTca Ti/inoM 6paHAMay3pa, 
KOTopbiM 3ammuaeT bcio ceTb. 06biHHO oh ycraHaB/iMBaeTca Ha 
BblAe/ieHHbIM KOMnbKDTep, CKOHCj3MrypnpOBaHHblM KaK LU/1K03 A/lfl ceTM, 
TaKMM 06pa30M, HTO OH MO>KeT aHa/lM3MpOBaTb Bee naKeTbi, KOTOpbie 
npoxoA^T m BbixoA^T M3 ceTM. B KanecTBe a/ibTepHaTMBbi cymecTByeT 
noKa/ibHbiM 6paHAMayap, BbicrynaiOLUMM c/iy>K6oM nporpaMMHoro 
o6ecneneHMfl, KOTopaa pa6oTaeT Ha oahom KOHKpeTHOM ManiMHe, 
HT 06 bl Cj^MnbTpOBaTb M/IM OTpaHMHMBaTb AOCTyn K HeKOTOpbIM C/iy>K6aM 
Ha 3T0M KOMnbKDTepe M/IM, B03M0>KH0, npeAOTBpamaTb MCXOA^mne 
coeAHHeHMjR ot pa3/iMHHoro LunMOHCKoro nporpaMMHoro 
o6ecneneHMfi, KOTopoe no/ib30BaTe/ib Mor ycTaHOBMTb c/iynaMHO m/im 
cneuManbHO. 


25 https://docs. kaTi.org 
26 https://tools. kali.org 
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flAPO Linux BCTpauBaeT 6paHAMayap netfilter . He cymecTByeT 
OKOHHaTenbHoro peuieHMA no Hacrpoi/iKe /iK)6oro 6paHAMayapa t.k. 
Tpe6oBaHna no/ib30BaTe/ifl m ceTM AOBO/ibHO pa3HATCfl. TeM He MeHee, 
Bbi MO>KeTe KOHTpo/ii/ipoBaTb netfilter M3 no/ib30BaTe/ibCKoro 
npocTpaHCTBa c noMombK) KOMaHA iptabtes m ip6tabtes. Pa3Hnua 
Me>KAy 3TMMM AByMfl KOMaHAaMM 3aK/lK)HaeTCf1 B TOM, HTO nepBafl 
pa6oTaeT A-rm ceTei/i IPv4, TorAa KaK noc/ieAHflfl pa6oTaeT Ha IPv6. 
nocKO/ibicy 06a CTeKa ceTeBbix npoTOKO/iOB, BepoaTHO, 6yAyT 
pa6oTaTb b TeneHi/ie mhothx neT, 06a MHcrpyMeHTa Heo6xoAHMO 6yAeT 
ncnonb30BaTb napa/i/ie/ibHO. Bbi Tai<>Ke MO>KeTe Mcno/ib30BaTb 
OT/iMHHbiM MHCTpyMeHT fwbuitder Ha ocHOBe rpa$MnecKoro 
HHTepc^ePica no/ib30BaTe/ifl, KOTopbiPi o6ecneHMBaeT rpa$MnecKoe 
npeACTaBneHMe npaBM/i $M/ibTpauMM. 

OAHaKO, Bbi Bee >Ke peuiM/iM HacrpoMTb ero, netfilter flBrmeTCfl 
pea/iM3ai4neM 6paHAMay3pa Linux, no3TOMy AaBaPiTe noApo6Hee 
paccMOTpHM, KaK oh pa6oTaeT. 


7.4.1 noBeA,eHMe Netfilter 

Netfilter ncno/ib3yeT neTbipe pa3/iMHHbie Ta6/inubi, b KOTopbix 
xpaHATca npaBH/ia, perynkipyiomne Tp m Tuna onepauMM npoBOAUMbix 
HaA naKeTaMi/i: 

• filter KacaeTCjR npaBH/i $M/ibTpauMM (npi/iHJiTi/i5i, OTKa3a m/im 
nrHopnpoBaHM5i naKeTa); 

• nat (TpaHc/iflMMfl ceTeBbix aApecoB (Network Address Translation)) 
KacaeTca nepeBOAa McxoAHbix m/im ueneBbix aApecoB 1/1 nopTOB 
naKeTOB; 

• mangle othocmtca k ApyrMM M3MeHeHH5iM b IP-naKeTax (BK/nonaa 
ToS (none Tuna o6c/iy>Ki/iBaHi/m) Type of Service-field m onunn)); 

• raw no3BormeT Apyrne M3MeHeHi/i5i, npoBOAHMbie BpyHHyio, HaA 
naKeTOM nOKa OHM He AOCTMTHyT CMCTeMbl OTGTie>KMBaHM51 
COeAMHeHMfl. 

Ka>KAajR Ta6/iMMa coasp>kmt cnucKM npaBM/i, Ha3biBaeMbix qenflMM 
( chains ). BpaHAMayap Mcno/ib3yeT cTaHAapTHbie uenM A-nfl o6pa6oTKM 
naKeTOB Ha ocHOBe npeAonpeAe/ieHHbix o6cTOflTe/ibCTB. 
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AflMMHucTpaTop MOweT co3flaBaTb flpyrkie uenoHKH, KOTopbie 6yflyT 

Mcnonb30BaTbCJi TO/ibKO np h nepeAane oahoh H3 cTaHflapTHbix 

uenoneK ( 6 yflb to np^MO h/ih KOCBem-io). 

Ta 6 /iHua filter 06 /iaAaeT TpeMA cTaHflapTHbiMM uenflMi/i: 

• INPUT (BXOflflmMMM): KacaeTCjR naKeTOB, Ha3HaneHHeM KOTopbix 
jRB/ijReTCjR caM 6paHflMay3p; 

• OUTPUT (l/ICXOfl^LI41/IMl/l): KacaeTca naiceTOB, BbinycKaeMbix 
6paHflMay3poM; 

• FORWARD (nPflMbIMI/l): KacaeTca naKeTOB, npoxofljRinnx nepe3 
6paHflMay3p (KOTopbin He nBnnercn hh hx hctohhhkom, hh mcctom 
Ha3HaHeHHjq). 

• Ta6nnua natTaK>Ke 06/iaAaeT TpeMA cTa haspth bi m h uen^MH: 

• PREROUTING: A-rm H3MeHeHMjq naKeTOB cpa3y noc/ie hx 
nocTyn/ieHHjq; 

• POSTROUTING: Ann H3MeHeHi/m naKeTOB, KorAa ohh roTOBbi HanaTb 
cboh nyTb; 

• OUTPUT (1/1 CXOflfllH H Ml/I): Ann H3MeHeHHfl naKeTOB, 

creHepnpoBaHHbix caMHM 6paHAMy3poM. 

3th uenn H3o6pa>KeHbi Ha pncyHKe 7.1, "KaK Ha3biBaK)TCfl uenn 

NetfUter” [cTp. 155]. 



PncyHOK 7.1 KaK Ha3biBaHDTCfj Lierw Netfilter 

Ka>KAaa uenoHKa npeACTaB/ifleT co6oh cnncoK npaBH/i; Ka>KAoe 
npaBH/io npeACTaB/ijqeT co6oh Ha6op yc/iOBHH h ASHCTBne, KOTopbie 
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npeflnpnHMMaK)TCfl np1/1 Bbino/iHeHm/i yc/iOBi/m. f1pn o6pa6oTKe naKeTa 
6paHflMayap cKaHi/ipyeT cooTBeTCTByromyK) uenoHKy, oaho npaBn.no 
3a apyri/iM, n Korfla ycnoBMfl Ann OflHoro npaBi/ma Bbino/iHflKrrcfl, oh 
nepecKaKHBaeT (oTaoAa napaMeTp -j b KOMaHflax) k yKa3aHHOMy 
flePicTBHK) Ann npoAO/i>KeHHfl o6pa6oTKi/i. Hai/160/iee 
pacnpocTpaHeHHbie Ti/mbi noBefleHH^ cTaHAapTi/131/ipoBaHbi, v\ Ann hhx 
cymecTByKDT cneuna/ibHbie AePicTBHJT llpnHflTne OAHoro H3 bthx 
CT a has Pth bix ashctbhm npepbiBaeT o6pa6oTKy uenoHKH, nocKO/ibKy 
Aa/ibHePiLuaa cyAb6a naKeTOB y>Ke npeApeuieHa (He ripi/mi/iMaa bo 
BHHM aHHe HCK/iKDHeHHe, ynoMAHyToe Hn>Ke). Hn>Ke nepeHMc/ieHbi 
AePicTBHa NetfUter. 

• ACCEPT (nPI/IHflTb): no3BO.ni/iTb naiceTaM ABi/iraTbca Aanee CBoePi 
AoporoPi. 

• REJECT (OTKJlOHMTb): OTKnoHHTb naKeT c noMombK) naKeTa 
oluh6ok npoTOKO/ia ynpaBrmiOLUHx coo6meHni/i b HHTepHeTe 
(Internet control message protocol (ICMP)) (onuna -reject-with 
type onuMfl iptables onpeAermeT Tun ompaB/ifleMoPi oluh6kh). 

• DROP (CBPOCMTb): yAa/iHTb (nn-iopi/ipoBaTb) naKeT. 

• LOG (3APEri/ICTPI/IPOBATb): 3aperncTpnpoBaTb (nepe3 syslogd) 
coo6meHMA c onncaHneM naKeTa. 06paTHTe BHi/iMaHi/ie, hto bto 
ASHCTBH e He npepbiBaeT o6pa6oTKy, a Bbino/iHeHi/ie uenoHKi/i 
npoAO/i>KaeTCfl no c/ieAyromeMy npaBi/my, noaTOMy perHcrpauMA 
OTK/iOHeHHbix naKeTOB Tpe6yeT KaK npaBH/ia LOG, TaK h npaBi/ma 
REJECT/DROP. 06mne napaMeTpbi, CBfl3aHHbie c perncTpaunei/i, 
BK/iKDHaiOT b ce6n : 

• -log-level, c npeAynpe>KAeHneM no yMO/inaHHK), yKa3biBaeT 
ypoBeHb cepbe3HOCTM syslog. 

• -log-prefix no3BO/ifleT yKa3aTb npec|}HKc TeKCTa A-na pa3/ii/iHeHHfl 
3aperncTpnpoBaHHbix coo6meHm/i. 

• -log-tcp-sequence, -log-tcp-options, m —log-ip-options 
o6o3HanaK)T Aono/iHMTe/ibHbie AaHHbie, KOTopbie AO/i>KHbi 6biTb 
noMemeHbi b coo6meHne: cooTBeTCTBeHHO, nop^AKOBbiPi HOMep 
TCP, napaMeTpbi TCP h napaMeTpbi IP. 

• ULOG: 3aperncTpnpoBaTb coo6meHHfl nepe3 ulogd, KOTopbiPi MO>KeT 
6biTb nyHiue aAanTHpoBaH h 6o/iee acj^eKTHBeH, neM syslogd A-rm 
o6pa6oTKM 6o/ibi±ioro KO/ii/inecTBa coo6meHm/i; o6paTi/iTe 
BHMMaHHe, HTO 3T0 ASMCTBHe, nOA 06 HO LOG, T3K>Ke B03BpamaeT 
o6pa6oTKy k c/ieAyromeMy npaBi/my b Bbi3biBaK)mei/i uenoHKe. 

• chain_name (mmsi perm): nepecKOHi/iTb Ha yKa3aHHyio qenb i/i 
oueHHTb ee npaBi/ma. 
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• RETURN (BEPHYTb): npepBaTb o6pa6oTKy TeKymen uenoHKi/i n 
BepHyTbca k Bbi3biBaK>meM uenoHKe; b c/iynae, ec/in Teicymafl 
qenoHKa AB-rmeTca craHAapTHon, to Bbi3biBaK)men Menonicn He 
cymecTByeT, noaTOMy BMecTO Hee Bbino/iHfleTCfl AePicTBHe no 
yMO/inaHHK) (KOTopoe onpeAe/iaeTCfl c noMombK) napaMeTpa -p A-rm 
iptables). 

• SNAT (mnbKO b Ta6/inue nat): npHMeH^eT mctouhmk rpaHc/imjMM 
cereBbix aapecos (Source Network Address Translation (SNAT)). 
flono/iHMTe/ibHbie onunn onncbiBaiOT TOHHbie M3MeHeHMfl, KOTopbie 
Hy>KHO npMMeHMTb, BK/iKDHaa onqMK) -to-source address-port, 
KOTopaa onpeAe/iaeT HOBbiM mctohhmk IP aApeca m/m/im nopTa. 

• DNAT (mnbKO b Ta6rmi4e nat): npi/iMeHaeT Ha3HaueHne 
rpaHcnnpnn cereBbix anpecos (Destination Network Address 
Translation (DNAT)). flono/iHMTe/ibHbie onpMM onMCbiBaiOT TOHHbie 
M3MeHeHMfl, KOTOpbie Hy>KHO npMMeHMTb, BK/lK)Hafl OnUMK) -to- 
destination address-port, KOTopaa onpeAe/iaeT HOBbiM mctohhmk 
IP aApeca m/m/im nopTa. 

• MASQUERADE (MACKMPOBKA (TO/ibKO b Ta6/iMue nat)): 

npnMeHaeT MacxnpoBKy (oco6biM c/iynaM Source NAT). 

• REDIRECT (nEPEHAflPAB/lEHME (TO/ibKO b Ta6/iMue nat)): 

npo3paHHO nepeHanpaBMTb naiceT Ha AaHHbiM nopT caMoro 
6paHAMay3pa; bto mo>kho Mcno/ib30BaTb A-rm Hacrponicn 

npo3paHHoro Be6-npoKCM, KOTopbiM pa6oTaeT 6e3 KOHcjDMrypapMM 
Ha KflMeHTCKOM CTOpOHe, nOCKO/lbKy K/lMeHT CHMTaeT, hto oh 
noAK/iK)HaeTCfl k no/iynaTe/iK), TorAa KaK Ha caMOM Ae/ie 
coo6meHM?i cj^aKTMHecKM npoxoA^T nepe3 npoKCM-cepBep. OnpMfl - 
to-ports port(s) yi<a3biBaeT nopT m/im Anana30H nopTOB, b KOTopbix 
naKeTbi AO/i>KHbi 6biTb nepeHanpaB/ieHbi. 

flpyme agmctbma, oco6eHHO Te, KOTopbie KacaKrrcfl Ta6/iMMbi mangle, 

He bolu/im b AaHHbiM pa3Ae/i. He cmotpa Ha bto, Ha crpaHMuax 

pyKOBOACTBa iptables (8) m ip6tables (8) MMeeTca McnepnbiBaiOLUMM 

Od'beM MHCjDOpMaUMM. 


Hto TaKoe ICMP? 

MexccereBon nporoKon ynpasneHi/in coo6meHnnMn (Internet Control 
Message Protocol (ICMP)) flBrmeTCfl npoTOKO/iOM, Mcno/ib3yeMbiM A-rm 
nepeAaHM BcnoMoraTe/ibHoPi MH^opMauMM no coo6meHMflM. Oh 
npoBepjqeT ceTeBoe coeAHHeHMe c noMombK) KOMaHAbi ping, KOTopaa 
OTnpaB/ijqeT coo6meHMe 3anpoca OTK/inica ICMP, Ha KOTopoe 
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no/iynaTe/ib AO/i>KeH OTBenaTb c cooTBeTCTByK>mnM ICMP 
coo6meHneM. Oh cnrHann3npyeT o tom, hto 6paHAMayap OTK/iOH^eT 
naKeT, yi<a3biBaeT Ha nepenormeHMe b 6yc|}epe ripneMa, npeA/iaraeT 
nyHLUMM MapnipyTA-n^ c/ieAyK>mnx naiceTOB b coeAHHeHMM m t. a- 3tot 
npoTOKO/i onpeAermeTca HecKO/ibKMMM AOKyMeHTaMM RFC. RFC777 m 
RFC792 6bmn nepBbiMM, ho MHorne ApyrHe paci±iMpM/iM m/m/im 
nepecMOTpe/iM npoTOKO/i. 

http://www.faqs.org/rfcs/rfc777.html 

http://www.faqs.org/rfcs/rfc792.html 

fl/ia cnpaBKM, npneMHbiM 6y<t>ep npeACTaB/iaeT co6oPi He6o/ibiiiyK) 
30Hy naMATM, b KOTopoPi xpaHaTca AaHHbie Me>KAy TeM BpeMeHeM, 
KorAa ohm npMxoA^T M3 ceTM, m BpeMeHeM, KorAa jra po o6pa6oTaeT 
mx. Ec/im 3Ta 30Ha 3anonHeHa, to cooTBeTCTBeHHO, HOBbie AaHHbie He 
MoryT 6biTb no/iyneHbi, m ICMP 6yAeT cMrHa/iM3MpoBaTb o npo6/ieMe, 
HT06bl MCTOHHMK MOr 3aMeATIHTb CKOpOCTb MX nepeAaHM (KOTOpaa B 
MAea/ie ao/dkho AO/i>KHa 6biTb OTperynMpoBaHa nepe3 HeKOTopoe 
BpeMa). 

06paTMTe BHMMaHMe, hto HecMOTpjq Ha to, hto ceTb IPv4 MO>KeT 
pa6oTaTb 6e3 ICMP, ICMPv6 CTporo Tpe6yeTca A-rm ceTM IPv6, 
nocKO/ibKy oh 06'beAHHfleT b ce6e HecKO/ibKO c^yHKUMM, KOTopbie 
6bi/iM b MMpe IPv4, pacnpocTpaHfliOTCfl nepe3 ICMPv4, Internet Croup 
Membership Protocol (IGMP), m Address Resolution Protocol (ARP). 
ICMPv6 xapaKTepM3yeTCfi b RFC4443. 

http://www.faqs.org/rfcs/rfc4443.html 


7.4.2 Cmht3KCMC iptables m ip6tables 

KoMaHAbi iptables m ip6tables Mcno/ib3yK)TCfl A-rm ynpaB/ieHMA 
Ta6/iMuaMM, qenflMM m npaBM/iaMM. I/lx onuMA -t table o6o3HanaeT? c 
KaicoPi Ta6/iMuePi pa6oTaTb (no yMO/inaHMK), filter). 

KoMaHAbi 

BO/lbLUMHCTBO OnqMPl, KOTOpbie B3aMM0AePlCTByK)T C qenflMM 
nepenMc/ieHbi HM>Ke: 
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• -L chain nepeni/icrmeT npaBMna b uenoHKe. 06biHHO bto 
ncno/ib3yeTca c onui/ieM -n A-rm OTKniOHeHMfl pa3penieHi/m MMeH 
(HanpMMep, iptables -n -L INPUT 6yAeT OTo6pa>KaTb npaBMna, 
OTHOcamMecfl k bxoaalumm naKeTaM). 

• -N chain co3AaeT HOByK) uenoHKy. Bbi MO>KeTe co3AaBaTb HOBbie 
uenoHKM A-nfl MHO>KecTBa pa3/iMHHbix qenei/i, BKmoHan 
TecTMpoBaHkie hobom ceTeBOM c/iy>K6bi m/im A-rm napMpoBaHMn 

ceTeBOM 3T3KM. 

• -X chain yAanneT nycTyK) Hencnonb3yeMyK) uenb (HanpMMep, 
iptables -X ddos-attack). 

• -A chain rule Ao6aB/iaeT npaBM/io b KOHqe ashhom qenoHKM. 
noMHMTe, hto npaBM/ia o6pa6aTbiBaK)Tcn cBepxy bhm 3, noaTOMy 
He 3a6biBaMTe 06 3tom npM mx Ao6aBneHMM. 

• -I chain rule_num rule BCTaBrmeT npaBM/io nepeA HOMepoM 
npaBMna rule_num. KaK m b onuMM -A, yHMTbiBaMTe nopnAOK 
o6pa6oTKM npM bboas HOBbix npaBMn b qenoHKy. 

• -D chain rule_num (mjim -D chain rule) yAarmeT npaBMno b 
qenoHKe; nepBbiM BapnaHT cMHTaKCMca onpeAenneT npaBM/io, 
KOTopoe ao/i>kho 6biTb yAaneHO no ero HMcny (iptables -L -line- 
numbers 6yAeT OTo6pa>KaTb btm HMcna), a nocneAHMM BapnaHT 
MAeHTMcjDMUMpyeT ero no ero coAep>KMMOMy. 

• -F chain c6pacbiBaeT uenoHKy (yAanneT Bee ee npaBMna). 
HanpMMep, HTo6bi yAanMTb Bee npaBMna, cBA3aHHbie c 
mcxoa^luhmm naKeTaMM, Bbi Aon>KHbi 3anycTMTb iptables -F 
OUTPUT. Ectim hm OAHa uenoHKa He yKa3aHa, Bee npaBMna b 
Ta6nMue yAanniOTCfl. 

• -P chain action onpeAenneT ASMCTBMe no yMonnaHMio MnM 
«nonMTMKy» A-rm ashhom uenoHKM; o6paTMTe BHMMaHMe, hto 
T onbKO cTaHAapTHbie qenM MoryT MMeTb TaKyK) nonMTMKy. HTo6bi 
c6pocMTb Becb bxoaalumm TpacjDMK no yMonnaHMK), BaM 
Heo6xoAMMO BbinonHMTb iptables -P INPUT DROP. 


npaBMna 

Ka>KAoe npaBMno BbipawaeTcn KaK conditions -j action 
action_options. . Ectim HecKonbKO ycnoBMM onMcaHbi b oahom npaBMne, 
to KpMTepMeM nBnneTcn KOH'biOHKUMn (norMnecKan c^yHKUMn V\), 
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KOTopaa xoTfl 6bi MMeeT orpaHnneHne, KaK n Ka>KAoe OTAe/ibHoe 
yc/iOBkie. 

YcnoBHe -p protocol cooTBeTCTByeT no/iK) npoTOKO/ia IP-naKeTa. 
Han6o/iee pacnpocTpaHeHHbiMn 3HaHeHMjRMM AB/ifliOTCfl tcp, udp, icmp 
n icmpv6. 3to yc/iOBne MO>KeT 6biTb Aono/meHO yc/iOBMAMn nopTOB 
TCP, TaKMMM KaK -source-port port port m -destination-portporf. 


OTpmjaTe/ibHbie yc/iOBMn 

flo6aBneHne k ycnoBMK) BOCK/inuaTe/ibHoro 3HaKa, OTpnuaeT 
yc/iOBkie. HanpuMep, OTpnuaHne ycnoBna Ha onunn -p cooTBeTCTByeT 
«/lK)6oPi naKeT C npOTOKO/lOM OTTMHHblM OT Toro, KOTOpbIM yKa3aH». 
3T0T MeX3HH3M OTpMUaHMJR MO>KeT 6blTb npMMeHeH KO BCeM APyrMM 
yc/iOBMflM. 


Venose -s address n/in -s network/mask cooTBeTCTByeT ncxoAHOMy 
aApecy naKeTa. AHa/iorMHHO, -d address or -d network/mask 
cooTBeTCTByeT aApecy Ha3HaHeHMjR. 

YcnoBHe -i interface Bbi6npaeT naKeTbi, ncxoAflLUHe m 3 3aAaHHoro 
ceTeBoro MHTepc^enca. -o interface Bbi6npaeT naKeTbi, BbixoA^mne Ha 
onpeAe/ieHHbm MHTepc^enc. 

yc/iOBne —state state (cocronHne) condition cooTBeTCTByeT 

coctoahmk) naKeTa b coeAHHeHMM (bto Tpe6yeT MOAy-nb ipt_conntrack 

kernel A-rm OTc/ie>KnBaHnfl coeAHHeHMfl). CocTOflHMe NEW onncbiBaeT 
naKeT 3anycKaK)Lunn HOBoe coeAHHeHne, ESTABLISHED 
cooTBeTCTByeT naKeTaM, npnHaA/ie>KamnM k ywe cymecTByiomeMy 
coeAHHeHHK), n RELATED cooTBeTCTByeT naKeTaM, MHnuMnpyiOLunM 
HOBoe coeAHHeHMe, KOTopoe cB?i3aHO c cymecTByiomuM (hto none3HO 
Ann coeAHHeHMH ftp-AaHHbix b aKTMBHOM pewnMe npoTOKO/ia FTP). 

CymecTByeT mhokcctbo AOCTynHbix onuni/i Ann iptables n ip6tables, n 
mx ocBoeHMe Tpe6yeT r/iy6oKoro M3yHeHMfl m A-nuTe/ibHoro npouecca 
Ha6opa onbiTa. OAHaKO OAHa M3 onunn, KOTopyio Bbi 6yAeTe 
ncno/ib30BaTb name Bcero, - bto Ta, KOTopaa 6/iOKMpyeT 
BpeAOHOCHbiM ceTeBOM Tpa<£nK c xocTa m/im Anana30Ha xoctob. 
HanpMMep, HTo6bi He3aMeTHO 6noKnpoBaTb bxoa^luhm TpacfjnK c IP- 
aApeca 10.0.1.5 n 31.13.74.0/24 K/iacca C noAceTM: 
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# iptables -A INPUT -s 10.0.1.5 -j DROP 

# iptables -A INPUT -s 31.13.74.0/24 -j DROP 

# iptables -n -L INPUT 

Chain INPUT (policy ACCEPT) 

target prot opt source destination 

drop all -- ie.e. 1.5 e.e.e.e/e 

DROP all -- 31.13.74.0/24 0.0.0.0/0 


flpyrajR Macro ncno/ib3yeMajR KOMaHfla iptables - bto pa3pei±ii/iTb 
ceTeBoPi Tpacj^nK A-na onpeAe/iem-ioPi c/iy>K6bi m/ii/i nopTa. HTo6bi 
no/ib30BaTe/in momi/i noA K/nonaTbCfl k SSH, HTTP n IMAP, Bbi MOxceTe 
3anycKaTb c/ieAyK)Lune KOMaHAbi: 


# iptables -A INPUT -m state --state NEW -p tcp --dport 22 -j ACCEPT 

# iptables -A INPUT -m state --state NEW -p tcp --dport 80 -j ACCEPT 

# iptables -A INPUT -m state --state NEW -p tcp --dport 143 -j ACCEPT 

# iptables -n -L INPUT 

Chain INPUT (policy ACCEPT) 


target 

prot 

opt source 

destination 




DROP 

all 

-- 10.0.1.5 

0.0.0.0/0 




DROP 

all 

-- 31.13.74.0/24 

0.0.0.0/0 




ACCEPT 

tcp 

-- 0.0.0.0/0 

0.0.0.0/0 

state 

NEW tcp 

dpt:22 

ACCEPT 

tcp 

-- 0.0.0.0/0 

0.0.0.0/0 

state 

NEW tcp 

dpt:80 

ACCEPT 

tcp 

-- 0.0.0.0/0 

0.0.0.0/0 

state 

NEW tcp 

dpt:143 


npaBi/moM xoponiePi KOMnbKrrepHOM rurneHbi AB/iaeTCfl OHi/icTKa 
CTapbix i/i HeHy>KHbix npaBi/m. CaMbiPi npocToPi cnoco6 yAa/ieHi/m 
npaBM/i iptables - ccbi/iaTbca Ha npaBi/ma no HOMepy ctpokm, KOTopbiPi 
Bbi MO>KeTe nonyMMTb c noMombio onunn -line-numbers. TeM He 
MeHee, 6yAbTe oneHb ocTopo>KHbi: npM c6poce npaBHna 6yAyT 
nepeHyMepoBaHbi Bee npaBkina, nojiB/ijqiomHec^ Aa/ibiue b uenoMKe. 


# iptables -n -L INPUT --line-numbers 

Chain INPUT (policy ACCEPT) 


num target 


prot opt 

source 

destination 





1 DROP 


all -- 

10.0.1.5 

0.0.0.0/0 





2 DROP 


all -- 

31.13.74.0/24 

0.0.0.0/0 





3 ACCEPT 


tcp -- 

0.0.0.e/e 

0.0.0.0/0 

state 

NEW 

tcp 

dpt:22 

4 ACCEPT 


tcp -- 

0.0.0.0/0 

0.0.0.0/0 

state 

NEW 

tcp 

dpt:80 

5 ACCEPT 


tcp -- 

0.0.0.0/0 

0.0.0.0/0 

state 

NEW 

tcp 

dpt:143 

# iptables • 

D 

INPUT 2 







# iptables • 

D 

INPUT 1 







# iptables - 

n 

-L INPUT - 

-line-numbers 






Chain INPUT 

(policy ACCEPT) 






num target 


prot opt 

source 

destination 





1 ACCEPT 


tcp -- 

0.0.0.0/0 

0.0.0.0/0 

state 

NEW 

tcp 

dpt:22 

2 ACCEPT 


tcp -- 

0.0.0.0/0 

0.0.0.0/e 

state 

NEW 

tcp 

dpt:80 

3 ACCEPT 


tcp -- 

0.0.0.0/0 

0.0.0.0/0 

state 

NEW 

tcp 

dpt:143 
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CymecTByKDT 6o/iee KOHKpeTHbie yc/iOBMA, b 3aBMCMMOCTM ot o6lamx 
yc/iOBMM, onncaHHbix BbiLue. Arm no/iyneHMA Aono/iHMTe/ibHOM 
MHcj^opMauMM peKOMeHAyeM 03HaK0MMTbca c Iptables (8) m ip6tables 
( 8 ) 


7.4.3 Co3AaHne npaBM/i 

Arm co3AaHMa Ka>KAoro npaBM/ia Tpe6yeTcm oamh Bbi30B iptables m/im 
ip6tables. Bboa btmx KOMaHA BpyHHyK) MOweT 6biTb oneHb 

yTOMMTe/lbHblM npOqeCCOM, n03T0My Bbl30Bbl 06 blHH 0 XpaHJRTCJR B 
cqeHapMn, t3kmm o6pa30M, hto cMcreMa aBTOMaTMnecKM 
HacTpaMBaeTca OAHHaKOBO Ka>KAbiM pa3, KorAa MauiMHa 3arpy>KaeTCfl. 
3tot cKpnriT MOweT 6biTb HankicaH BpyHHyK), ho Tao<e MO>KeT 6biTb 
AOBO/lbHO MHTepeCHO nOATOTOBMTb erO C nOMOLUbK) MHCTpyMeHTa 
BbicoKoro ypoBHjR, TaKoro KaK fwbuUder. 


# apt install fwbuilder 


npi/iHui/m npocT. Ha nepBOM 3Tane onmiiMTe Bee 3/ieMeHTbi, KOTopbie 
6yAyT 3aAeMCTBOBaHbi b AeMCTBMTe/ibHbix npaBM/iax: 

• CaM 6paHAMay3p c ceTeBbiMM MHTepcJoeMcaMM; 

• CeTM, c mx cooTBeTCTBeHHbiMM Anana30HaMM IP ranges; 

• CepBepa; 

• nopTbi, npMHaA-ne>KamMe k c/iy>K6aM, pa3MemeHHbiM Ha ashhom 
cepBepe. 

3aTeM co3AaMTe npaBM/ia c noMombK) npocTbix asmctbmm 
nepeTacKMBaHMA o6"beKTOB, KaK noKa3aHO Ha pncyHKe 7.2, «r.naBHoe 
okho Fwbuilder» [cTp. 160]. HecKonbKO KOHTeKCTHbix MeHK) MoryT 
M3MeHMTb ycnoBMe (HanpMMep, OTpMuaa ero). 3aTeM Hy>KHO Bbi6paTb 
M HaCTpOMTb ASMCTBMe. 

Hto KacaeTca IPv6, Bbi MO>KeTe /im6o co3AaTb Aaa pa3Hbix Ha6opa 
npaBM/i A-rm IPv4 m IPv6, n m6o co3AaTb TO/ibKO oaho, m no3BO/iMTb 
fwbuilder nepeBOAMTb npaBM/ia b cooTBeTCTBMM c aApecaMM, 
Ha3HaneHHbiMM obteKTaM. 
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PucyHOK 7.2 DiaBHoe okho Fwbuilders 


fwbuilder co 3 Aacr cicpi/inT, HacTpanBaK)LUMM 6 paHAMayap b 
cooTBeTCTBMH c npaBi/maMi/i, KOTopbie Bbi onpeAe/iMnM. Ero MOAy-nbHaa 
apxMTeKTypa AaeT B 03 M 0 >KH 0 CTb reHepi/ipoBaTb cqeiHapm/i, 
npeAHa 3 HaHeHHbie A-rm pa 3 Hbix cucreM, BK/itonaa iptables A-rm Linux, 
ipf A-rm FreeBSD m pf A-rm OpenBSD. 


7.4.4 YdaHOBKa npaBMA f\nn KawAOM 3arpy3KM 

p,r\9\ toto HTo 6 bi BHeAP^Tb npaBi/ma 6 paHAMay 3 pa KawAbiPi pa3, KorAa 
MamuHa 3 arpy>KaeTCJR, BaM Heo 6 xoAHMO 3 apemcTpnpoBaTb cKpunT 
KOHc^urypauMH b cooTBeTCTByK>meM AnpeKTHBe c^afi/ia 
/etc/network/interfaces file. B cneAyKDmeM npuMepe CKpunT xpam/iTca 
b /usr/tocat/etc/arrakis.fw. 
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auto eth0 

iface eth0 inet static 
address 192.168.0.1 
network 192.168.0.0 
netmask 255.255.255.0 
broadcast 192.168.0.255 
up /usr/local/etc/arrakis.fw 


flaHHbiPi npi/iMep npeAno/iaraeT, hto Bbi ncno/ib3yeTe ifupdown A-rm 
HacTpoPiKM ceTeBbix MHTepcjDeMCOB. Earn Bbi ncnonb3yeTe hto-to 
A pyroe (BpoAe NetworkManager n/in systemd-networkd ), TorAa 
03HaK0MbTecb c mx cooTBeTCTByKDmeM AOKyMeHTauMePi Ann toto, 
HTo6bi onpeAe/iMTb cnoco6, kokhm o6pa30M Bbino/iHMTb cKpMnT noc/ie 
Toro, KaK MHTep<t>eMC 6bm 3anymeH. 


7.5 Mohmtopmht m n potoko/i MpoBaH Me (pemcTpaLjMfl) 

KOHC)3MAeHMMa/lbHOCTb M 3ai±lMTa AaHHbIX AB/lfllOTCfl B3>KHblM 
acneKTOM 6e3onacHOCTM, ho He MeHee Ba>KHbiM nsnnejcn 
o6ecneneHne AOCTynHOCTM yc/iyr. B KanecTBe aAMMHMCTpaTopa m 
cneuMa/iMCTa b ccj^epe 6e3onacHOCTM Bbi AO/i>KHbi cneAMTb 3a TeM, 
HTo6bi Bee pa6oTa/io AO/i>KHbiM o6pa30M, m Bama HenocpeACTBeHHaa 
OTBeTCTBeHHOcTb - cBoeBpeMeHHO BbmB/iaTb aHOMa/ibHoe noBeAeHMe 
m yxyALueHMe o6c/iy>KMBaHM5q. nporpaMMHoe o6ecneneHne Ann 
MOHMTopMHra m perMCTpauMM MrpaeT K/noneByK) po/ib b btom acneKTe 
6e3onacHOCTM, o6ecneHMBafl noHMMaHMe Toro, hto npoMcxoAMT b 
CMCTeMe m b ceTM. 

B 3T0M pa3Ae/ie Mbl paCCMOTpMM HeKOTOpbie MHCTpyMeHTbl, KOTOpbie 
MO>KHO MCn0/lb30BaTb AAH MOHMTOpMHTa HeCKO/lbKMX acneKTOB 

CMCTeMbi Kali. 


7.5.1 MoHMTopMHr >KypHaAOB c noMOUJ,bK) logcheck 

nporpaMMa logcheck OTcne>KMBaeT cpaM/ibi >KypHa/iOB Ka>KAbin nac no 
yMonnaHMK) m OTnpaB/ifleT Heo6biHHoe coo6meHMfl >KypHana b 
3/ieKTpoHHbix nncbMax aAMMHMCTpaTopy A-n^ Aa/ibHeMiiiero aHa/iM3a. 
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Cnucoic OTcnewi/iBaeMbix c^aPmoB xpaHi/uca b 

/etc/logcheck/logcheck.logfiles. 3HaneHMfl no yMO/inaHHK) 6yflyT 
pa6oTaTb flon>KHbiM o6pa30M, ecrrn c^aM/i /etc/rsyslog.conf He 6bm 
nonHOCTbK) nepepa6oTaH. 

Logcheck MOweT OTHMTbiBaTbCfl c pa3/iMHHbiM ypoBHeM fleTann3aunn: 
paranoidserver, and workstation, paranoid ver AB/iaeTCfl oneHb 
nOflpo6HblM H BepOJlTHO, AO/l>KeH 6blTb OrpaHMHeH KOHKpeTHbIMM 
cepBepaMH, TaKHMM KaK 6paHflMay3pbi. Server nBnnejcn pe>KHMOM no 
yMO-nnaHHK) m peKOMeHflyeTCJi f\r\9\ 6o/ibLunHCTBa cepBepoB. 
Workstation , oneBHAHO, npeAHa3HaneHa A-rm pa6oHnx cTaHUMM m 
AB/ iaeTCfl Hpe3BbNaPiHO c>KaToPi, OTcj^HnbTpoBbiBa^ 6o/ibiue 
coo6meHnPi, neM ApyrHe napaMeTpbi. 

Bo Bcex Tpex c/iyHaflx, logcheck BepoaTHO AO/i>KeH 6biTb HacTpoeH 
TaKi/iM o6pa30M, HTo6bi MCK/iKDHMTb HeKOTopbie Aono/iHi/iTe/ibHbie 
C006meHM}q (B 3aBHCMMOCTM OT yCTaHOB/ieHHbIX C/iy>K6), eC/lM Bbl 
KOHenHO He xoTHTe nonynaTb Ka>KAbiM Mac Macci/iBHbie napT hm 
A/ iHHHbix HeMHTepecHbix aneKTpoHHbix nHceM. BBHAy Toro, hto 
MeX3HH3M Bbl6opa C006meHMH AB/lfleTCfl AOBO/lbHO C/10>KHblM, 
cooTBeTCTBeHHo/usr/share/doc/ logcheck- 

database/README.Iogcheck-database.gz 6yAeT Heo6xoAHMbiM (—if 
challenging—read.) 

npi/iMeHfleMbie npaBH/ia mo>kho pa3Ae/inTb Ha HecKO/ibKO Ti/inoB: 

• Te, KOTopbie KBa/incf)nuMpyK)T coo6meHne KaK nonbiTKy B3/iOMa 
(xpaHJiTCjR b Rapine b AnpeKTopnn /etc/logcheck/cracking.d/); 

• nrHopnpyK)T nonbiTKH B3/iOMa (/etc/logcheck/cracking.ignore.d/); 

• Te, kto K/iaccnc|3ni4npyeT coo6meHne KaK npeAynpe>KAeHne 
6e3onacHOCTM (/etc/logcheck/violations.d/); 

• nrHopnpyK)T npeAynpe>KAeHi/m 6e3onacHOCTM 

(/etc/logcheck/violations. ignore, d/); 

• H HaKOHeU, KOTOpbie npi/IMeHJ3K)TCfl K OCTa/lbHblM coo6meHi/mM 
(paccMaTpMBaKDTCJi KaK cucreMHbie co6bnnn). 

MrHopnpyeMbie c|3aPi.nbi ncno.nb3yK)TCfl A-rm m~HopnpoBaHMfl 
(oneBHAHo) coo6meHnPi. HanpHMep, coo6meHne, noMeneHHoe KaK 
nonbiTKa B3/iOMa m/im npeAynpe>KAeHne 6e3onacHOCTM (c/ieAya 
npaBH/iy, xpaHameMycfl b c^aPi/ie /etc/togcheck/viotations.d/myfite), 
MO>KeT 6biTb npoHTHopupoBaHO TO/ibKO npaBHnoM b cjoaPi/ie 
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/etc/togcheck/viotations. ignore .d/myfite m/im /etc 

/logcheck/viotations.ignore.d/myfite- c^afi/i pacLUMpeHMz. 

Bbi Bcerfla 6yAeTe onoBemeHbi o cmctcmhom co6biTMM, noKa npaBM/io 
b oahom M3 AupsKTopMM /etc/togcheck/ignore.d. {paranoid, 
server,workstation}/ He yTBepAMT, hto co6biTMe ao/i>kho 6biTb 
npOMTHOpMpOBaHO. Pa3yMeeTC3, eAMHCTBeHHbIMM BOCnpMHMMaeMblMM 
AMpeKTOpMJRMM 6yAyT 9\Br\9\TbC9\ Te, HbM COOTBeTCTBeHHbie ypOBHM 
cnoBecHoro Hano/iHeHMA paBHAKOTCB m/im npeBbuuaKrr Bbi6paHHbiM 
pe>KMM pa6oTbi. 


7.5.2 MOHMTOpMHr aKTMBHOCTM B peaAbHOM BpeMeHM 

top nsnneTcn MHTepaKTMBHbiM MHCTpyMeHTOM, OTo6pa>KaK)LUMM cnncoK 
TeKymMx 3anymeHHbix npoqeccoB. CopTMpoBKa no yMO/iHaHMK) 
ocHOBaHa Ha TeKymeM 3arpy>KeHHOCTM npoueccopa m MO>KeT 6biTb 
no/iyneHa c noMombK) K/iK)Ha P. flpyrne coptmpobkm npMK330B 
BK/lK)HaK)T COpTMpOBKy nO 33HMMaeM0M naMflTM (K/1K)H M), 06 meMy 

BpeMeHM npoqeccopa (k/ikdh T) m MASHTMcJoMKaTopy npouecca (k/ikdh 
N). K/ikdh K 3 aBepniaeT npouecc, nyTeM bboas MASHTMcJoMKaTop 
npouecca. K/iaBMiua r M 3 MeHaeT npMopMTeT npouecca. 

KorAa BaM KaweTCfl, hto cMCTeMa neperpy>KeHa, top flBrmeTCfl 
OT/iMHHbiM MHCTpyMeHTOM A-rm npocMOTpa m onpeAeneHMfl KaKMe 
npoueccbi KOHKypMpyKDT 3a npoueccopHoe BpeMA m/im noTpe6/iBK)T 
C/IMLUKOM MHOTO naMflTM. B H3CTH0CTM, BCerAa MHTepeCHO npOBepMTb 
cooTBeTCTByKDT /1M npoueccbi, noTpe6/iBK)LUMe pecypcbi, pea/ibHbiM 
c/iy>K6aM, KOTopbie AO/i>KHbi 6biTb pa3MemeHbi Ha ManiMHe. 
HeM3BecTHbiM npoqecc, pa6oTaK)LUMM xax "www-data", AO/i>KeH 
ASMCTBMTe/lbHO BblAe/lflTbCfl M M3yH3TbCB, nOCKO/lbKy OH, BepOBTHee 
Bcero, AB/iaeTCB aioeMn/iapoM nporpaMMHoro o6ecneneHMfl, 
ycTaHOB/ieHHoro m Bbino/iHaeMoro b cMCTeMe, c noMombK) y?i3BMMOCTM 
b Be6-npMno>KeHMM. 

Top ABJiaeTCfl oneHb tm6kmm MHCTpyMeHTOM m ero crpaHMua 
pyKOBOACTBa npeAOCTaBnaeT agt3/im o tom, xax HacTpoMTb ero 
MHTepcf)eMC m aAanTMpoBaTb ero noA BaniM Heo6xoAMMOCTM m 
npMBblHKM. 
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rpacjoMHecKMM MHCTpyMeHT gnome-system-monitor AB/iaeTCfl oneHb 
noxowMM Ha top m npeflOCTaBn?ieT Te we caMbie cbomctb3 m ctoyHKUMM. 


7.5.3 06Hapy>KeHMe M3/v\eHeHMM 

noc/ie yCTaHOBKM M HaCTpOMKM CMCTeMbl 60/lbl±IMHCTB0 CMCTeMHbix 
C^aM/lOB AO/lWHbl OCTaBaTbCfl OTHOCMTe/lbHO CT3TMHHblMM AO Tex nop, 
noica cMCTeMa He 6yAeT o6HOB/ieHa. noaTOMy peicoMeHAyeTca c/ieAMTb 
3a M3MeHeHHfiMM b cMCTeMHbix cjoaM/iax, nocKO/ibKy ruo6oe 
HenpeABMASHHoe M3MeHeHMe MOweT 6biTb npMHMHOM TpeBorM m 
AO/iwho 6biTb Mcc/ieAOBaHO. B btom pa3Ae/ie npeACTaB/ieHbi 
HeKOTopbie M3 HaM6onee pacnpocrpaHeHHbix MHCTpyMeHTOB, 
Mcnonb3yeMbix A-na MOHMTopMHra CMCTeMHbix cjoaM/iOB, o6HapyweHMfl 
M3MeHeHMM M, BepOBTHO, yBeAOM/ieHMfl Bac KaK aAMMHMCTpaTOpa 
CMCTeMbl. 


llpoBepKa naKeTOB c noMombK) dpkg -verify 

dpkg —verify (m/im dpkg -V) - MHTepecHbiM MHCTpyMeHT, nocKO/ibicy oh 
OTo6pa>KaeT cMCTeMHbie c|oaM.nbi, KOTopbie 6bi/iM M3MeHeHbi (cKopee 
Bcero, 3/lOyMblLU/ieHHMKOM), HO 3T0T BbIBOA C/ieAyeT BOCnpMHMMaTb c 
onpeAe/ieHHOM AO/ieM cKencMca. Ana Bbino/iHeHMA cBoePi pa6oTbi 
dpkg nonaraeTCfl Ha KOHTpo/ibHbie cyMMbi xpaHJuuMecB b cbomx 
co6cTBeHHbix 6a3ax AaHHbix, KOTopbie b cbokd onepeAb HaxoAflTca Ha 
wecTKOM AncKe (MoryT 6biTb HaMAeHbi b /var/lib/dpkg/info/package 
.md5SUms). BBMAy 3T0r0 AOBO/lbHO TLUaTe/lbHblM 3/lOyMblLU.neHHMK 
6yAeT M3MeHflTb STM C^aM/lbl, HT06bl OHM COAepwa/lM HOBbie 
KOHTpo/ibHbie cyMMbi A-n^ noBpewAeHHbix cjoaM/iOB, m/im we 6o/iee 
npoABMHyTbiM 3/ioyMbiiii/ieHHMK MOweT B3/iOMaTb naKeT b BameM 
3epKane Debian. Toro HTo6bi 3amMTMTbCB ot btoto K/iacca aTaKM, 
Mcnonb3yMTe cMCTeMy BepMcjoMiouMM umc|dpobom noAnMCM APT (cm. 
Pa3Aen 8.3.6 «npoBepKa hoa/imhhoctm naKeTa» [cTp. 202]) A-rm 
npaBMnbHOM npoBepKM naKeTOB. 


Hto TaKoe KOHTpo/ibHan cyMMa 4>afijia? 

Mbl CHMTaeM HyWHbIM HanOMHMTb, HTO KOHTpO/lbHafl CyMMa AB/lfleTCfl 
Be/iMHMHOM, name Bcero hmc/iom (xota m b LuecTHaAUaTepMHHOM 
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CMCTeMe MCHi/icneHMfl), KOTopan coagp>kmt hto-to BpoAe noAnncn A-na 
coAep>KMMoro c^aPina. lloAni/icb paccHMTbiBaeTcn anropMTMOM (MD5 
M/1M SHA1 flBJlflKDTCfl XOpOLUO M3BeCTHblMM npMMepaMM), KOTOpbIM 
6o/iee v\nv\ MeHee rapaHTMpyeT, hto Aawe caMbie He3HaHMTe/ibHbie 
M3MeHeHMjR coAep>KMMoro cjoaPina npuBeAyT k M3MeHeHMK) 
KOHTpO/lbHOM CyMMbi; 3T0 fIBneHMe M3B6CTH0 KaK «3Ct3C(3eKT naBMHbl». 
npocTan MMcJopoBan cMTHaTypa 3aTeM cnywMT cpeACTBOM A-na 
npoBepKM Toro, M3MeHM/iocb /in coAep>KMMoe cjoaPma v\nv\ HeT. 3tm 
a/irOpMTMbl flBnflK)TCfl He 06 paTHMblMM; APyrMMM C/lOBaMM, RKK 
6o/ibnmHCTBa M3 hmx, Aawe ec/iM Bbi Aa>Ke 3HaeTe KOHTpo/ibHyK) 
CyMMy, TO 3T0 He n03B0/lMT BaM H3MTM COOTBeTCTByKDLLlSe 
coAep>KMMoe. HeAaBHMe MaTeMaTMnecKMe AOCTMweHMn, no- 
BMAMMOMy, OC/ia6MnM a6C0/lK)TH0CTb 3TMX npMHUMnOB, HO MX 
Mcno/ib30BaHMe ao cmx nop He craBMTcn noA coMHeHMe, nocKO/ibKy 
co3AaHMe Apyroro coAepwMMoro, AaK>mero OAHy m Ty we 
KOHTpo/ibHOM cyMMbi, no-npewHeMy npeACTaBnneTcn AOBO/ibHO 
c/iowhom 3aAaHeM. 


3anycK KOMaHAbi dpkg -V npoBepneT Bee ycTaHOB/ieHHbie naKeTbi m 
BbiBOAHT Ha 3KpaH crpoKy A-rm KawAoro cJoaPina, KOTopbiM He npoLuen 
npoBepKy. KawAbiM cmmbo/i o6o3HanaeT npoBepKy Ha KOHKpeTHbie 
MeTaAaHHbie. K cowaneHMK), dpkg He xpaHMT MeTaAaHHbie 
He 06 X 0 AHMbie A-n^ 60 /lbLUMHCTBa TeCTOB M TaKMM 06pa30M BbIBOAMT 
BonpocMTe/ibHbie 3H3km BMecTO hmx. B HacTOfuuee BpeMn ec/iM 
npoBepKa KOHTpo/ibHOM cyMMbi npoBa/iM/iacb, to Ha TpeTbePi no3MMMM 
6yAeT HaxoAHTbca UMcjopa 5. 


# dpkg -V 

7?5???7?7 /lib/systemd/system/ssh.service 
775777777 c /etc/libvirt/qemu/networks/default.xml 
775777777 c /etc/lvm/lvm.conf 
775777777 c /etc/salt/roster 


B npMBeASHHOM Bbime npMMepe, dpkg coo6maeT 06 M3MeHeHMM 
<£aMna c/iy>K6bi SSH, KOTopbiM aAMMHMCTpaTop CAenan b 
naiceTMpoBaHHOM cJ^aM/ie BMecTO Toro, HTo6bi Mcno/ib30BaTb 
cooTBeTCTByK>myK) 3aMeHy /etc/systemd/system/ssh.service 
(KOTopaa 6yAeH xpaHMTbcn HMwe /etc KaK m AO/iwHbi xpaHMTbcn 
nK)6bie M3MeHeHMa KOHcjDMrypauMM). B HeM TaKwe nepeHMcneHbi 
HecKO/ibKO cjDaM/iOB KOHcjDMrypauMM (o6o3HaneHHbix 6yKBoPi «c» Ha 
btopom none), KOTopbie 6binM neranbHO M3MeHeHbi. 
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MoHMTopuHr 4>a MAOB: AIDE 


1/lHCTpyMeHT Advanced Intrusion Detection Environment (AIDE) 
npoBepaeT qe/iocTHOCTb c^ai/ma m o6Hapy>KMBaeT /iK)6bie M3MeHeHM?i, 
KOTopbie He cooTBeTCTByKDT paHee 3anncaHHOMy o6pa3y 
AePicTBHTe/ibHOM cMCTeMbi. 06pa3 xpaHMTca b BMAe 6a3bi AaHHbix 
(/var/lib/aide/aide.db), coAepwameM cooTBeTCTByiomyK) 

MHcjDopMauMK) 060 Bcex cjoaM/iax cMcreMbi (KOHTpo/ibHbie cyMMbi, 
pa3pei±ieHMfl, BpeMeHHbie mctkm m t. a-)- 

Bbi MO>KeTe ycTaHOBMTb AIDE nyTeM 3anycKa apt update, 3a kotopom 
AO/ i>KHa cneAOBaTb apt install aide. CHana/ia Bbi MHMUMa/iM3MpyeTe 
6a3y AaHHbix c noMombio aideinit; OHa 6yAeT 3anyci<aTbCfl e>KeAHeBHO 
(nepe3 cueHapi/m /etc/cron.daily/aide), HTo6bi npoBepHTb, hto 3a bto 
B peMa He npoM30iii.no cymecTBeHHbix M3MeHeHMPi. Ec/im M3MeHeHHfi 
6yAyT o6Hapy>KeHbi, to AIDE 3anncbiBaeT mx b cjoan/ibi >KypHa/ia 
(/var/log/aide/*.log) m OTnpaB/iaeT cbom pe3y/ibTaTbi 
aAMMHMCTpaTopy no 3/ieKTpoHHoPi noHTe. 


3amnTa 6a3bi AaHHbix 

nocKO/ibicy AIDE Mcno/ib3yeT zioica/ibHyK) 6a3y AaHHbix A-rm 
CpaBHeHMJR COCTOflHMPl C|}aPl/10B, AOCTOBepHOCTb nOA 06 HblX AePiCTBMM 
Hanp^MyK) cB?i3aHa AOCTOBepHOCTbK) 6a3bi AaHHbix. Ec/im 
3/ioyMbiLu/ieHHMK no/iynaeT npaBa root Ha B3/iOMaHHyK> cMCTeMy, to 
OH CMO>KeT 33MeHMTb 6a3y AaHHbix M CKpbITb C/ieAbl B3/10Ma. Oahmm 
m 3 cnoco6oB npeAOTBpameHMfl noAo6Horo poAa AeflTe/ibHOCTM 
9\Br\9\eTC9\ coxpaHeHMe cnpaBOHHbix AaHHbix Ha HOCMTe/ie, 
npeAHa3HaneHHOM TO/ibKO A-nfl htchm^. 


Bbi MOweTe Mcno/ib30BaTb onuMM b /etc/default/aide A-rm HacTpoMKM 
naKeTa package. AIDE BHyTpeHHMe HacTpoMKM nporpaMMbi xpaHATca 
b cJoaM/iax/etc/aide/aide.conf m /etc/aide/aide.conf.d/ (Ha caMOM 
Ae/ie, 3 tm cjoaPi/ibi Mcno/ib3yK)TCfl TO/ibKO update-aide.conf A-rm 
reHepauMM /var/lib/aide/aide.conf. autogenerated). KoHcJoMrypauMfl 
yKa3biBaeT, KaKMe cBoPicTBa AO/i>KHbi 6biTb npoBepeHbi. HanpMMep, 
coAep>KMMoe cjoaPi/iOB >KypHa/ia M3MeH?ieTCfl b o6bNHOM pe>KMMe, m 
T aKMe M3MeHeHM3 MO>KHO MTHOpMpOBaTb, eC/lM pa3pei±ieHMfl 3TMX 
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C^akl/lOB OCTaKDTCfl HeM3MeHHblMM, HO KaK COAep>KMMOe, TaK M 
pa3pei±ieHi/m i/icno/iHfleMbix nporpaMM AO/i>KHbi 6biTb nocTOAHHbiMi/i. 
XOTfl Bee 3T0 M He OHeHb C/10>KH0, CMHTaKCMC KOHC|3MrypaUHM He 
9 \ Br \ 9 \ eTC 9 \ nOJlHOCTbK) MHTyMTMBHO flCHbIM, M Mbl peKOMeHAyeM 
npoHMTaTb AononHHTe/ibHyK) cnpaBOHHyio crpaHMqy aide.conf (5) Ann 
no/iyneHMA Aono/iHMTe.nbHOM MHcjoopMauMM. 

HoBaa Bepckia 6a3bi AaHHbix co3AaeTca e>xeAHeBHO b 
/var/lib/aide/aide.db.new; ec/iM Bee 3anncaHHbie M3MeHeHMfl 6bmn 
3aKOHHblMH, TO CMe/10 MO>KHO BbinO/lHflTb 3aMeHy 6a3bl AaHHbix. 

1/lHCTpyMeHT Tripwire oneHb noxo>K Ha AIDE; Aawe CMHTaKCMC cjoaM/ia 
KOHcjoMrypauMM noHTM OAHHaKOBbiPi. OcHOBHoe AonormeHi/ie, 
npeAOCTaBnaeMoe tripwire , 3aK/iK)HaeTCfl b tom, hto oh BK/nonaeT b 
ce6 n MexaHM3M noAnMCM cjoaM/ia KOHcjoMrypauMM, HTo6bi 
3/ioyMbim/ieHHMK He mot 3acTaBMTb ero yKa3biBaTb Ha Apyryio Bepcmo 
cnpaBOHHOM 6a3bi AaHHbix. 

Samhain Taioxe npeA-naraeT noxo>KMe cBOMCTBa, a Taioxe HeKOTopbie 
cfjyHKUHM, KOTopbie noMoryT onpeAe/iMTb pyTKMTbi (cmotpm BCTaBKy 
"naiceTbi checksecurity m chkrootkit/rkhunter " [crp. 164]). Oh 
TaK>xe MO>KeT 6biTb pa3BepHyT rno6a/ibHO bo Been ceTM m 3anncbiBaTb 
pe3y/ibTaTbi cBoePi pa6oTbi Ha ueHTpa/ibHOM cepBepe (c noAnMCbio). 


naKeTbi checksecurity m chkrootkit/rkhunter 

checksecurity coctomt m3 HecKO/ibKMx He6o/ibi±iMx cKpnnTOB, KOTopbie 
Bbino/iHjRK)T ocHOBHbie npoBepKM b cMCTeMe (noHCK nycTbix napo/ien, 
HOBbix cjoaM/iOB setuid m t. a-) m onoBemaeT Bac b c/iynae 
o6Hapy>KeHMM btmx yc/iOBMM. HecMOTpa Ha CBoe ABHoe mma, Bbi He 
Aon>KHbi nonaraTbca MCK/iK)HMTe.nbHO Ha Hero, A-rm Toro HTo6bi 
yAOCTOBepMTbCA, hto cMCTeMa Linux 6e3onacHa. 

llaKeTbi chkrootkit m rkhunter o6Hapy>KHBaK)T onpeAe/ieHHbie 
pyTKMTbi , noTeHuna/ibHO ycraHOB/ieHHbie b CMCTeMe. HanoMHMM, hto 
3to Haem nporpaMMHoro o6ecneneHMfl, npeAHa3HaneHHbie Ann 
CKpbITl/m B3/10Ma CMCTeMbl, HO np M 3T0M COXpaHflfl KOHTpO/lb HaA 
ManiMHOM. TecTbi He Ha 100 npoqeHTOB HaAe>KHbi, ho o6biHHO mx 
pe3y/ibTaTbi MoryT npMB/ienb Bame BHMMaHMe k noTeHUMa/ibHbiM 
npo6/ieMaM. 
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7.6 rioABeAeM morn 

B 3tom maBe Mbi paccMOTpe/iu KOHuenuuio no/iMTUK 6e3onacHOcrn, 
noAnepKHyB pa3/iuHHbie MOMeHTbi, KOTopbie c/ieAyeT ynnTbiBaTb npM 
onpeAeneHMM noAo6HO no/iMTUKu, n o6cyAn/in HeKOTopbie yrpo3bi 
Bamen cMCTeMe u /imhho BaM KaK cneuna/incTy b ccjoepe 
6e3onacHOCTM. Mbi TaK>Ke noAHfl/iu Bonpoc o Mepax 6e3onacHOcrn unn 
HoyT6yKOB n AecKTonHbix cucreM, a TaK>Ke o 6paHAMay3pax u 
cjon/ibTpauuoHHbix naKeTax. HaKOHeu, Mbi paccMOTpe/iu MHcrpyMeHTbi 
n CTpaTerMH MOHi/iTopi/mra u noKa3a/in, KaK Han/iynLUMM o6pa30M 
pea/iM30BaTb ux A-rm obHapyweHMA noTeHMna/ibHbix yrpo3 A-rm Bamen 
CMCTeMbl. 

OCHOBHbie MOMeHTbi: 

• noTpaTbTe KaKoe-TO BpeMA A-rm onpeAe/ieHna neTKon n 
BceoS'beM.momeM no/inTMKn 6e3onacHOcrn. 

• Ec/in Bbi ncno/ib 3 yeTe Kali Ha o 6 meAOCTynHOM cepBepe, M 3 MeHMTe 
Bee napo/in no yMO/inaHi/iK) A-rm cnywb, KOTopbie MoryT 6 biTb 
HacTpoeHbi (cm. Pa 3 Aen 7.3 « 3 amnTa ceTeBbix c/iy>K 6 » [cTp. 153 ]) 
h orpaHHHbTe mx AOCTyn c noMombK) 6 paHAMayapa (cm. Pa 3 Ae/i 7 . 4 , 
« 5 paHAMay 3 p m/im cton/ibTpaunfl naKeTOB» [cTp. 153 ]) nepeA nx 
3 anycKOM. 

• Hcno/ib3yMTe fail 2 ban A-na o6Hapy>KeHnfl m 6 /iokmpobkm aTaK 
yraAbiBaHMjR naporm m brute force aTaK. 

• Ec/im Bbi 3 anycKaeTe Be 6 -cny>K 6 bi, pa 3 MemanTe mx Ha HTTPS, 
HTo 6 bi ceTeBbie nocpeAHMKM He Mornn npocMaTpMBaTb Bam TpacJonK 
(KOTopbiM MO>KeT coAepwaTb b ce 6 e c|}an.nbi cookie A-rm 
ayTeHTMcf)MKai 4 MM). 

• Pea/ibHbie pmckm name Bcero B03HMKaK)T, KorAa Bbi nyTemecTByeTe 

ot oahoto K/iMeHTa k ApyroMy. HanpMMep, Bam HoyT6yK MO>KeT 
6biTb yKpaAeH bo BpeMA noAo6Horo poAa noe3AKM m/im mb^t Ha 
T3M0>KHe. ByAbTe BcerAa roTOBbiMM k noAo6HbiM HenpnaTHbiM 
Heo>KMAaHHOCTjRM m ncno/ib3ynTe no/iHoe mMc^poBaHMe AncKa 
(cmotpm pa3Ae/i 4 . 2 . 2 ., «YcTaHOBKa Ha no/iHOCTbK) 

3amMcf)poBaHHyK) cjoan/iOByK) cMCTeMy» [cTp. 85 ]), a TaK>Ke He 
3a6yAbTe paccMOTpeTb cfjyHKunK) nuke (cmotpm "flo6aB/ieHMe nuke 
naporm A-rm Aono/iHMTe/ibHOM 6e3onacHOCTM" [crp. 245 ]) A-rm Toro, 
HTo6bi 3amnTMTb AaHHbie Bamero K/iMeHTa. 

• Heo6xoAHMO BHeAPHTb npaBM/ia 6paHAMayapa (cm. Pa3Ae/i 7 . 4 , 


209 


«5paHflMay3p h/im $ 1 / 1/1 bTpa qua naKeTOB» [cTp. 153]), HTo6bi 
3anpeTMTb Becb McxoflJuunPi Tpa$i/iK, KpoMe Tpa$i/iKa, 
reHepupyeMoro BaniMM VPN-AOcrynoM. 3 to noflo6HO 3amnTHoPi 
ceTKe, no3TOMy, Kor^a VPN OTK/nonaeTCJi, Bbi cpa3y 3aMenaeTe bto 
(BM ecTO Toro, HTo6bi B03BpamaTbc^ k noKanbHOMy ceTeBOMy 
AOCTyny). 

• 3a6/iOKi/ipyPiTe c/iy>K6bi, KOTopbie Bbi He ncno/ib3yeTe. Kali fle/iaeT 
3Ty npoueflypy HaMHoro npome, t.k. Bee BHeniHi/ie ceTeBbie 
c/iy>K6bi OTKJiKDneHbi no yMonnaHHK). 

• B jRflpo Linux BCTpoeH netflter 6paHflMay3p. He cymecTByeT 
OKOHHaTe/ibHoro pei±ieHi/m Bonpoca HacTpoMKH /iK)6oro 
6paHflMay3pa, t.k. Tpe6oBaHmi ceTH m no/ib30BaTe/ui AOBO/ibHO 
pa3HjqTca. TeM He MeHee, Bbi MO>KeTe KOHTpormpoBaTb netflter M3 
no/ib30BaTe/ibCKoro npocTpaHCTBa c noMombK) KOMaHA iptables 1/1 
ip6tables. 

• nporpaMMa logcheck OTcne>KHBaeT $aPmbi >KypHa/ia Ka>KAbiPi nac no 
yMonnaHHK) h ompaB/uieT 3/ieKTpoHHbie ni/icbMa c oco6biMM 
coo6meHmqMM >KypHa/ia aflMHHMCTpaTopy A-rm Aa/ibHePiniero 
aHa/iM3a. 

• top XBr\9\eTC9\ MHTepaKTMBHblM HHCTpyMeHTOM, KOTOpblPi BblBOAHT Ha 
3KpaH cnncoK 3anymeHHbix npoueccoB Ha AaHHbiPi MOMeHT. 

• dpkg --verify (h/ih dpkg -V) OTo6pa>KaeT ci/icTeMHbie cjoaM/ibi, 
KOTopbie 6bmn n3MeHeHbi (cKopee Bcero 3/ioyMbiLu/ieHHMKOM), ho 
no/iaraeTca Ha KOHTpo/ibHbie cyMMbi, KOTopbie MoryT 6biTb 
ncKa>KeHbi rpaMOTHbiM aTaKyiomuM. 

• 1/lHCTpyMeHT Advanced Intrusion Detection Environment (AIDE) 
npoBep^eT ue/iocmocTb $aPma h onpeAermeT/iK)6bie M3MeHeHMfl b 
OTHO iiieHHM paHee 3anncaHHoro o6pa3a AePicTBi/ue/ibHoPi ci/icTeMbi. 

• Tripwire flBrmeTCfl oneHb noxo>KHM Ha AIDE, ho oh ncno/ib3yeT 
MexaHH3M f\r\9\ noAnncn $aPma KOH$nrypaum/i, HTo6bi 
3/ioyMbiLuneHHHK He Mor yKa3aTb Ha Apyryio Bepcmo cnpaBOHHoPi 
6a3bi AaHHbix. 

• PaccMOTpi/ue ncnonb30BaHne rkhunter, checksecurity, 1/1 chkrootkit 
A-rm no/iyneHi/m noMomu b o6Hapy>KeHi/iM pyTKHTOB Ha BauiePi 
cMCTeMe. 

B c/ieAyromePi maBe Mbi paccMOTpMM ocHOBHbie MOMeHTbi Debian h 
ynpaB/ieHHe naKeTaMH. Bbi 6bicTpo oco3HaeTe boo cn/iy, ziewamyK) b 
ocHOBe KopHePi Debian Kali, h y3HaeTe, KaK pa3pa6oTHMKn 
ncnonb30Ba^n 3Ty Mouib. ByAbTe ocTopo>KHbi, cneAyKomafl rnaBa 
AOBO/lbHO HaebimeHHaJI, HO KpaPiHe B3>KH0, HT06bl Bbi nOHMMa/lM 
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ocHOBbi Debian h ynpaB/iem/ie naiceTaMM, ec/ii/i Bbi co6npaeTecb cTaTb 
yBepeHHbiM no/ib 30 BaTe/ieM Kali. 
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Hacrb 8: YnpaB/ieHne naKeTaivw/i Debian 

CoAepmamie: 

8.1 BBefleHHe b APT 

8.2 OCHOBHOe B3aMM0A6MCTBHe naKeTOB 

8.3 npoABi/myTafl HacrpoPiKa m i/icno/ib 30 Bai-me APT 

8.4 CnpaBKa no naKeTaM: yrny6/iei-me b ci/icreMy naKeTOB Debian 

8.5 noABefleM MTorn 

KjiKDHeBbie c/iOBa maBbi: 

• Dpkg; 

• aptsources.list; 

• 06HOBJieHi/m; 

• flaKeTHbie peno3MTopm/i; 
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noc/ie Toro, KaK Bbi 03HaK0MM/iMCb c ocHOBaMM Linux, npMiu.no BpeMA 
n3yHMTb cMCTeMy ynpaB/ieHMA naKeTaMM flncTpn6yTHBa Ha 6a3e 
Debian. B t3kmx flncTpn6yTHBax, BK/nonafl Kali, naKeT Debian 
npeflCTaB/iaeT co6om KaHOHMHecKMM cnoco6 CAe/iaTb nporpaMMHoe 
o6ecneHeHne AOcrynHbiM A-rm KOHenHbix no/ib30BaTe/iePi. noHMMaHne 
CMCTeMbi ynpaB/ieHMA naKeTaMM asct BaM npeACTaB/ieHMe o tom, 
k3khm o6pa30M cTpyKTypnpoBaHa Kali, no3BO/iMT BaM 6o/iee 
3cf>cf)eKTMBH0 peniaTb npo6neMbi h 6bicTpo HaxoAHTb noMomb m 
AOKyMeHTauMK) Ann LUMpoKoro cneKTpa MHCTpyMeHTOB h yTM/iMT, 
BK/iKDneHHbix b Kali Linux. 

B stom r/iaBe Mbi npeACTaBHM BameMy BHMMaHMK) CMCTeMy 
ynpaBneHH^ naKeTaMM Debian m no3HaKOMMM Bac c dpkg m Ha6opoM 
MHCTpyMeHTOB APT. Oahom M3 ocHOBHbix npeMMymecTB Kali Linux 
ABJiaeTCfl rM6KOCTb CMCTeMbi ynpaBneHMA naKeTaMM, KOTopaa 
Mcnonb3yeT btm MHCTpyMeHTbi A-rm o6ecneneHMfl npaKTMnecKM 
HenpepbiBHOM MHcra/i/iflUMM, o6HOB/ieHMjq, yAaneHM^ m o6pa6oTKM 
npMK/iaAHoro nporpaMMHoro o6ecneneHMfl m Aa>Ke caMoPi 6a30B0M 
onepauMOHHOM CMCTeMbi. OneHb b3>kho noHATb, KaK 3Ta cMCTeMa 
pa6oTaeT, HTo6bi MaKCMMa/ibHO Mcno/ib30BaTb Kali m onTMMM3MpoBaTb 
BaLUM yCM/lMJT flHM 60/ie3HeHHblX KOMnM/lJlUMM, npOBa/lbHblX 
o6HOBneHMM, OT/iaAKM gcc, AO/iroro cosashma m HacTpoMKM 
pa3/lMHHblX OnUMM AaBHO npOLU/lM, OAHaKO, KO/lMHeCTBO AOCTynHblX 
npM/10>KeHMM 3HaHMTe/lbHO BbipOC/lO M CePiHaC BaM Heo6xOAHMO 
noHMMaTb MHCTpyMeHTbi, pa3pa6oTaHHbie A-rm mx Mcno/ib30BaHMfl. 
3tot HaBbiK TaK>Ke nsnnejcn Heo6xoAHMbiM, t.k. cymecTByeT 
orpoMHoe KO/iMnecTBO MHCTpyMeHTOB 6e3onacHOCTM, KOTopbie no 
npMHMHe JlMUeH3MpOBaHM^ M/1M M3"3a APyrMX HKDaHCOB He MOryT 6blTb 
BK/iKDneHbi b Kali, ho MMeiOT naKeTbi Debian A-na CKaHMBaHMfl. OneHb 
b3>kho, HTo6bi Bbi 3Ha/iM, KaK o6pa6aTbiBaTb m ycraHaB/iMBaTb btm 
naKeTbi m noHMMaTb, KaK ohm b/imaiot Ha CMCTeMy, oco6eHHO, b Tex 
cnynanx, KorAa Bee mast He TaK KaK o>KMAa/iocb. 

Mbi HaHHeM c 6a30Boro o63opa APT, onMiueM CTpyKTypy m 
COASp>KMMOe ABOMHHbIX M MCXOAHbIX naKeTOB, nOCMOTpMM Ha 
HeKOTopbie 6a30Bbie MHCTpyMeHTbi m cueHapMM m 3aTeM ymy6MMCfl b 
M3yneHMe A-rm Toro, HTo6bi noMOHb BaM BbiwaTb MaKCMMyM M3 btom 
3Cf)Cf)eKTMBH0M naKeTHOM CMCTeMbi M Ha6opa MHCTpyMeHTOB. 
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8.1 BBeAeHiie b APT 


flaBaPiTe HaHHeM c HeKOTopbix 6a30Bbix onpeAeneHMPi, o6mero 
o63opa, m He6o/ibLuoPi mctopmm naiceTOB Debian, HaHMHaa Hame 
noBecTBOBaHkie c dpkg m APT. 


8.1.1 B3amv\0CBfl3b Menvw APT m dpkg 

llaKeT Debian npeACTaBrmeT co6oPi c>KaTbiPi apxMB nporpaMMHoro 
npnno>KeHM5q. A 6nHapHbin naxer (binary package (c|3aPi.n .deb)) 
coAep>KMT c|3aPi.nbi, KOTopbie MoryT 6biTb npsiMO ncno/ib30BaHbi (TaKkie 
KaK nporpaMMbi mjim AOKyMeHTa 141/1 m), b to BpeMA KaK ncxo/jHbiii 
naxer (source package) coAep>Ki/iT i/icxoAHbiPi koa A-rm 
nporpaMMHoro o6ecneneHMfl, a Tai<>Ke i/iHCTpyKum/i, KOTopbie 
Heo6xoAHMbi A-rm co3AaHM5i 6nHapHbix naKeTOB. llaKeT Debian 
coAep>KMT cjoaPi/ibi npM/io>KeHMfl T3K>Ke KaK m Apyrne Mera/jaHHbie , 
BKJlKDHafl Ha3BaHMf1 3aBMCMMOCTeM, KOTopbie Heo6xoAHMbi 
npn/io>KeHHK) m cKpnnTbi, KOTopbie pa3peniaK)T Bbino/iHeHMe KOMaHA 
Ha pa3Hbix cTaAn^x >KH3HeHHoro uMK/ia naKeTa (ycraHOBKa, yAa/ieHMe 
m o6HOBneHne). 

1 /lHCTpyMeHT dpkg 6bm co 3 AaH A-rm o6pa6oTKM m ycraHOBKM naKeTOB 
.deb, ho ec/iM BCTpenaeT 3 aBMCMMOCTb, KOTopaa He MO>KeT 6biTb 
yAOB/ieTBopeHa (BpoAe OTcyTCTByiomeM 6n6nnoTeKM), to bto 
noMemaeT ycTaHOBKe naKeTOB. B noAo6Hbix c/iynaax dpkg npocTO 
nepeHMc/iMT OTcyTCTByiomyK) 3 aBMCMMOCTb, noTOMy hto y Hero npocTO 
HeT Bapi/iaHTOB agmctbmji 1/1/11/1 BCTpoeHHoPi /iori/iKi/i A-rm o6pa6oTKM 
naKeTOB, KOTopbie AO/l>KHbl yAOB/ieTBOpi/ITb 3 TM 3 aBMCl/ 1 MOCTl/l. 
1 /lHCTpyMeHT The Advanced Package Tool (APT), BK/nonafl apt m apt- 
get, 6bmi/i pa 3 pa 6 oTaHbi A-rm ycrpaHeHi/m btmx HeAOCTaTKOB, m tokmm 
o 6 pa 30 M oh MO>KeT aBTOMaTMHecKM pemi/iTb 3ti/i npo6neMbi. B btoPI 
r/iaBe Mbi noroBopHM 06 HHCTpyMeHTax dpkg 1/1 APT. 

5 a 30 BoPi KOMaHAoPi A-rm o6pa6oTKM naKeTOB Debian b ci/icTeMe 
flB/i 5 ieTC 5 i dpkg, KOTopaa Bbino/iHfieT ycTaHOBKy 1/1/11/1 aHa/iM 3 naKeTOB 
.deb 1/1 mx coAep>KMMoro. TeM He MeHee, dpkg MMeeTTO/ibKO nacTMHHoe 
npeACTaB/ieHMe 0 Bce/ieHHoPi Debian: oh 3 HaeT, hto ycraHOB/ieHO b 
CMCTeMe m hto Bbi npeAOCTaB/ifleTe b KOMaHAHoPi crpoKe, ho HMnero 
He 3 HaeT 0 Apyrnx AOCTynHbix naKeTax. TaKMM o 6 pa 30 M, oh He 6yAeT 
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pa 6 oTaTb, ecrrn 3 aBncnM 0 CTb He 6 yfleT Bbino/iHeHa. APT ycrpaHfleT 
flaHHbie orpaHMHeHHJi. 

APT nsnnejcn Ha 6 opoM i/iHcrpyMeHTOB, KOTopbie noMoraKrr ynpaB/iflTb 
naiceTaMH Debian h/im npi/mo>KeHMflMi/i b BauiePi ci/icreMe Debian. Bbi 
MOweTe ncno/ib30BaTb APT A-rm ycraHOBKH h yAa/ieHHfl npi/mo>KeHi/iPi, 
o 6 HOB/ieHi/m naKeTOB m Aawe o 6 HOB/ieHHfl BcePi cncTeMbi. Ben Marumi 
APT 3aKnK)HaeTCjq b tom, hto oh nsnnejcn no/iHOueHHOH cHCTeMon 
ynpaBneHH^ naKeTOB, KOTopaa 6 yfleT He npocTO ycraHaB/iHBaTb h/im 
yfla/isiTb naiceTbi, ho TaK>Ke 6 yfleT paccMaTpi/iBaTb Tpe 6 oBaHi/m h 
3aBMCMMOCTn naKeTi/ipoBaHHoro npi/mo>KeHi/m (m Aawe i/ix Tpe 6 oBaHna 
H 3aBMCMMOCTH) M nbITaTbCfl yAOB/ieTBOpHTb HX BCe aBTOMaTMHeCKH. 
APT no/iaraeTcs Ha dpkg, ho He cmotpa Ha bto OT/iMHaeTca ot dpkg. 
APT ycTaHaB/ii/iBaeT nocneAHiOK) Bepcmo naKeTa H 3 OHJiaPiH 
MCTOHHMKa H pa 60 TaeT TaK, HT 06 bl pa3peillMTb 3aBMCMMOCTM, B TO 
BpeMfl KaK dpkg ycraHaB/iHBaeT naKeT, pacno/io>KeHHbiM Ha BauiePi 
/lOKanbHoPi CMCTeMe, m He pa3peniaeT 3aBncnMOCTM aBTOMaTHHecKH. 

Ec/im Bbi pa 6 oTaeTe b AaHHoPi ccj^epe AOcraTOHHO ao/ito, HTo 6 bi 
noMHHTb o KOMni/irmuMH nporpaMM c noMombK) gcc (Aawe c noMombK) 
yTH/iMT, t3khx KaK make h configure), Bbi, BepoaTHO, noMHHTe, hto 
bto 6 bm AOBO/ibHO 6one3HeHHbiPi npouecc, oco 6 eHHO, ec/ii/i 
npnno>KeHMe HMe/io HecKO/ibKO 3aBi/ici/iMOCTePi. fleninc|3pyfl 
pa3nnHHbie npeAynpe>KAeHi/m h coo 6 meHMfl 06 onin 6 Kax, Bbi mot/im 
onpeAenHTb, KaKaa nacTb koas 6 bma HeyAanHoPi, h name Bcero 3Ta 
HeyAana 6 bma Bbi 3 BaHa OTcyTCTByiomePi 6 n 6 rmoTeKoPi h/ih ApyroPi 
3aBMCHMOCTbK). 3aTeM Bbi OTC/ie>KHBanH 3Ty HeAOCTaKDLUyK) 
6 n 6 nnoTeKy h/ih 3aBncnMOCTb, ncnpaB.rm.ni/i ee h noBTopfl/in nonbiTKy. 
fla/iee, ec/in BaM noBe3eT, KOMnn/muHA AO/i>KHa 3aBepi±iHTbCfl, ho 
nacTO c 6 opKa cHOBa noTepnnT HeyAany, wa/iyacb Ha Apyryio 
HapyuieHHyK) 3aBncnMOCTb. 

APT 6 bin pa 3 pa 6 oTaH Ann Toro, HTo 6 bi noMOHb peniHTb 3 Ty npo 6 /ieMy, 
conocTaBHTb nporpaMMHbie Tpe 6 oBaHna h 3aBncnMOCTM, a Tao<e 
peniHTb hx. 3Ta c^yHKUHOHa/ibHOCTb pa 6 oTaeT no yMO/inaHHK) Ha Kali 
Linux, ho OHa He AB/meTca 3 amnineHHoPi ot HeyMe/ioro o 6 pameHHjq. 
Ba>KHO noHMMaTb, KaK pa 6 oTaeT cHCTeMa naKeTHpoBaHHjq Debian h 
Kali, noTOMy hto BaM Hy>KHO 6 yAeT ycTaHaBnHBaTb naKeTbi, o 6 HOB/mTb 
nporpaMMHoe o 6 ecneneHne h/ih yerpaHATb npo 6 /ieMbi, cBA3aHHbie c 
naKeTaMH. Bbi 6 yAeTe ncno/ib30BaTb APT b cBoePi noBceAHeBHoPi 
pa 6 oTe c Kali Linux, h b 3 ToPi maBe Mbi no 3 H 3 KOMHM Bac c APT h 
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noicaweM BaM, KaK ycraHaB/iMBaTb, yfla/i^Tb, o6HOB.rmTb m ynpaB/i^Tb 
naKeTaMM m Aawe noKa>KeM BaM, KaK nepeMemaTb naKeTbi Me>KAy 
pa3HbiMM AncTpn6yTMBaMM Linux. Mbi TaK>Ke noroBopuM o 
rpacjDMHecKMx MHcrpyMeHTax, KOTopbie ncno/ib3yK)T APT, noKa>KeM 
BaM, KaK npoBepjRTb noA/imHHOCTb naKeTOB, m yrny6uMCJR b 
KOH uenpuK) rolling distribution - MeTOA, KOTopbiM e>KeAHeBHO 
o6HOB/ifleT Bamy cMcreMy Kali. 

npe>KAe neM Mbi KonHeM rny6>Ke m noKa>KeM BaM, KaK ncno/ib30BaTb 
dpkg m APT A-nfl ycraHOBKM m ynpaB/iem/m naKeTaMM, oneHb b3>kho, 
HTo6bi Mbi yr/iy6M/iMCb b HeKOTopbie BHyTpeHHMe ag^ctbma APT m 
o6cyAn/in HeKOTopyio TepMMHonorMK), Mcno/ib3yeMyK) b HeM. 


Hctohhmk natceTa n mcxoahuim naKeT (Package Source and 
Source Package) 

C/IOBO MCXOAHbW/MCTOyHMK ( SOUrCe) MO>KeT 6blTb AByCMbIC/ieHHbIM. 
1/lcxoAHbiM naKeT (source package)—flBrmeTCfl naKeTOM, KOTopbiM 
coAep>KMT MexoAHbiM koa nporpaMMbi - He c/ieAyeT nyTaTb c 
mctohhmkom naKeTa (package source) - peno3MTopMeM (Be6-caPiTOM, 
FTP cepBepoM, CD-ROM, ziOKa/ibHOM AnpeKTopMePi, m t.a-)/ KOTopbiM 
coAep>KMT naKeT. 


APT M3B/ieKaeT cbom naKeTbi M3 peno3MTopMA, xpaHM/iMLua naKeTOB 
m/im npocTO, "MCTOHHMKa naKeTa". (DaPm /etc/apt/sources.list 
nepenMcrmeT pa3/iMHHbie peno3MTopMM (m/im mctohhmkm), KOTopbie 
coAep>KaT naKeTbi Debian. 


8.1.2 llpaBMAbHoe noHM/viaHMe sources.list c|)aMAa 

OaM/i sources.list AB/ifleTca K/noneBbiM c^aM/iOM KOHc^MrypauMM unn 
onpeAe/ieHMA MCTOHHMKa naKeTOB, m noaTOMy oneHb b3>kho noHMMaTb, 
KaK oh pa36MBaeTca m KaK ero HacTpaMBaTb, t.k. APT He 6yAeT 
pa6oTaTb 6e3 npaBM/ibHO onpeAe/ieHHoro cnMCKa MCTOHHMKa naKeTOB. 
flaBaMTe o6cyAHM ero cmht3kcmc. Ana Hana/ia Mbi B3nrmHeM Ha 
pa3/iMHHbie peno3MTopMM, KOTopbie Mcno/ib3yK)Tc?i Kali Linux, m 
o6cyAHM 3epKana m 3epKa/ibHbie nepeHanpaB/ieHMA, m TO/ibKO noc/ie 
3Toro Bbi 6yAeTe roTOBbi k Mcno/ib30BaHMK) APT. 
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Kawaafl aKTMBHan CTpoHKa c|3aPina /etc/apt/sources.list (m ct>aPinoB 
/etc/apt/sources.list.d/*. list) coagp>kmt onucaHne MCTOHHMKa, 
cfle/iaHHoro M3 Tpex nacrePi, pa3fle/ieHHbix npo6enaMM. 
KoMMeHTupyeMbie ctpokm HaHMHaKrrcn c cMMBO/ia #: 


# deb cdrom:[Debian GNU/Linux 2016.1 _Kali-rolling_ - Official Snapshot amd64 LIVE/ 
INSTALL Binary 20160830-11:29]/ kali-rolling contrib main non-free 

deb http://http.kali.org/kali kali-rolling main non-free contrib 


flaBaPiTe B3rnnHeM Ha cMHTaKCMc btoto c|3aPina. nepBoe none 
o6o3HaHaeT Tun HCTOHHmca: 

• deb Ann 6nHapHbix naKeTOB, 

• deb-src Ann HcxoflHbix naKeTOB. 

BTopoe none flaeT 6a30BbiPi URL-aflpec HCTOHHHKa : oh MO>KeT 
cocTonTb M3 3epKana Debian v \ nv \ nK)6oro Apyroro apxMBa naKeTOB, 
HacTpoeHHoro TpeTbePi cTopoHoPi. URL-aflpec MO>KeT HaHMHaTbcn c 
file:// A-n^ yKa3aHMn noKanbHoro MCTOHHMKa, ycTaHOBneHHoro b 
MepapxMM cJ^aPinoB cMCTeMbi, c http: // A-rm yKa3aHMn MCTOHHMKa, 
AOCTynHoro c Be6-cepBepa, v \ nv \ c ftp:// A-rm MCTOHHMKa, AOCTynHoro 
Ha FTP-cepBepe. URL-aApec TaK>Ke MO>KeT HaHMHaTbcn c cdrom: A-na 
ycTaHOBKM c CD-ROM/DVD-ROM/ Blu-ray, xotjr btot cnoco6 
CTaHOBMTcn pe>Ke Mcnonb3yeMbiM, nocKonbKy MeTOAbi ycTaHOBKM M3 
ceTM cTaHOBnTcn 6onee pacnpocTpaHeHHbiMM. 

l/lHc|3opMai4Mfl cdrom onncbiBaeT BaniM ycTpoPicTBa CD/DVD-ROM. B 
omMHMe ot ApyrMx 3anMcePi, CD-ROM He BcerAa 6biBaeT AOCTyneH, 
TaK KaK oh Aon>KeH 6biTb BCTaBneH b npMBOA, m, KaK npaBMno, 3a oahh 
pa3 MO>KHO CHMTbIBaTb MHCjDOpMaUMK) TOnbKO C OAHOrO AHCK3. Il0 3TMM 
npMHMHaM 3 tm mctohhmkm ynpaBnnKrrcn HecKonbKO MHane m Aon>KHbi 
6biTb Ao6aBneHbi nporpaMMoPi apt-cdrom, o6bNHO BbinonHneMoPi c 
noMombK) napaMeTpa add. 3aTeM Bac nonpocnT BcraBMTb auck b 
Amckoboa, rAe ero coAep>KMMoe 6yAeT npocMaTpMBaTbcn b noMCKax 
c^aPina naKeTOB. Oh 6yAeT Mcnonb30BaTb 3 tm cjoaPinbi Ann o6HOBneHMn 
CBoePi 6a3bi AaHHbix naKeTOB (3Ta onepaMMn o6bNHO BbinonHneTcn 
KOMaHAoPi apt update), nocne 3Toro APT 3anpocMT AononHMTenbHbiPi 
Amck, ecnM eMy Hy>KeH naKeT, xpaHnmMPicn Ha HeM. 
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CkiHTaKCMc noc/ieflHero no/ia 3aBncnT ot crpyKTypbi peno3MTopMA. B 
caMbix npocTbix c/iyna^x Bbi MO>KeTe npocTO yKa3aTb cy6-AnpeKTopnK) 
(c Heo6xoAMMbiM 3H3K0M c/iawa) >xe/iaeMoro MCTOHHMKa (3to name 
Bcero o6bNHbiPi 3HaK KOTopbiPi 03HanaeT OTcyTCTBi/ie cy6- 

AkipeKTopuM - b TaKOM c/iynae naKeTbi HaxoAflTcs HenocpeACTBeHHO 
no yKa3aHHOMy URL). Ho b 6o/ibi±iMHCTBe cnynaeB peno3MTopnn 6yAyT 
CTpyKTypi/ipoBaHbi, KaK 3epKano Debian, c MHO>KecTBO 
AMCTpn6yTMBOB, Ka>KAblM M3 KOTOpbIX 06 /iaAaeT 60 /lbLUMM 
KO/lMHeCTBOM KOMnOHeHTOB. B 3TMX C/iyHaflX Ha30BMTe Bbl6paHHblPi 
AMCTpM6yTMB, a 3aTeM KOMnoHeHTbi (m/im pa3Ae/ibi), KOTopbie Hy>KHO 
BK/IKDHMTb. flaBaMTe BblA6J"IMM ei±ie HeMHOTO BpeMeHM Ha 
npeACTaBneHMe btmx pa3Ae/iOB. 

Debian m Kali Mcno/ib3yK)T tpm pa3Ae/ia A-na AMcfK^epeHUMpoBaHMfl 
naKeTOB comacHO /iMueH3MM, Bbi6paHHOM aBTopaMM k3>kaom pa6oTbi. 

Main coAep>KMT Bee naKeTbi, KOTopbie cooTBeTCTByKDT reHepajibHoPi 
jimhmm 6ecnnaTHoro nporpaMMHoro o6ecneneHMfl Debian (Debian Free 
Software Guidelines 27 ). 

ApxMBbi, KOTopbie flBrmiOTCfl non-free, AOBO/ibHO cM/ibHO OTJiMHaiOTCjq, 
noTOMy hto ohm coAep>KaT nporpaMMHoe o6ecneneHMe, KOTopoe He 
(noriHOCTbio) cooTBeTCTByeT AaHHbiM npMHUMnaM, ho KOTopoe, TeM He 
MeHee, MO>KeT pacnpocTpaHATbca 6e3 orpaHMneHMfl. 

Contrib (contributions) npeACTaBrmeT co6om Ha6op nporpaMM c 
OTKpbITbIM MCXOAHbIM KOAOM, KOTOpbie He MOryT Cj^yHKUMOHMpOBaTb 
6e3 HeKOTopbix non-free 3/ieMeHTOB. 3tm 3/ieMeHTbi MoryT BK/nonaTb 
nporpaMMHoe o6ecneneHMe M3 pa3Ae/ia non-free mjim non-free 
c^aPinoB, t3kmx KaK MrpoBbie I13y, BIOS KOHconePi m t. a- Contrib 
TaK>Ke BK/iKDHaeT b ce6s 6ecn/iaTHoe nporpaMMHoe o6ecneneHMe, A-na 
KOMnMnjquMM KOToporo Tpe6yiOTCfl naTeHTOBaHHbie 3/ieMeHTbi, TaKMe 
KaK VirtualBox, KOTopbiPi b cbokd onepeAb Tpe6yeT non-free 
KOMnM/lJITOp A-n^ C03AaHM3 HeKOTopbix CBOMX Cf)aM/10B. 

Tenepb AaBaPiTe nocMOTpMM Ha cTaHAapTHbie mctohhmkm naKeTOB Kali 
Linux m/im peno3MTopMM. 


27 https://www. debian.org/social_contract#guidelines 
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8.1.3 Peno3MTopnM Kali 


CTaHflapTHbm cpan/i sources.list A-rm cncreMbi, pa6oTaK>meM Ha Kali 
Linux, OTHOCMTCfl k OAHOMy peno3MTopnK) (kali-rolling) n TpeM paHee 
ynoMAHyTbiM KOMnoHeHTaM: main, contrib h non-free: 


# Main Kali repository 

deb http://http.kali.org/kali kali-rolling main contrib non-free 


flaBauTe no3HaKOMHMCfl c pa3/inHHbiMn Kali peno3i/iTopi/mMn. 


Kali-Rolling peno3MTopMM 


3to ochobhom peno3MTopnM Ann KOHenHbix no/ib30BaTeneM. Oh 
BcerAa AO/i>KeH coAepwaTb caMbie HOBbie h ycraHaB/inBaeMbie 
naKeTbi. Oh ynpaB/iaeTCfl nHCTpyMeHTOM, KOTopbin o6"beAHHfleT 
Debian Testing m oco6bie naKeTbi Kali, TaKi/iM o6pa30M, rapaHTnpya, 
hto 3aBMCMM0CTM Ka>KAoro naKeTa MoryT 6biTb yAOBneTBopeHbi b kali¬ 
rolling. flpymMM c/iOBaMH, ncK/iionaa BepoaTHOCTb /ik)6om olum6km b 
cqeHapi/mx noAAsp>KKM, Bee naKeTbi AO/i>KHbi 6biTb ycTaHOB/ieHbi. 

BBHAy Toro, hto Debian Testing pa3BHBaeTca e>KeAHeBHO, tohho 
TaK>Ke 3B0/iK)UM0HnpyeT n Kali Rolling. Oco6bie Kali naKeTbi TaK>Ke 
pery/iapHO o6hob/ijrk)tc?i, nocKO/ibKy Mbi KOHTpo/inpyeM 
CBoeBpeMeHHbie BbinycKi/i caMbix Ba>KHbix naKeTOB. 


Kali-Dev peno3MTopnM 


flaHHbm peno3HTopnPi He npeAHa3HaneH Ann o6mero no/ib30BaHi/m. 
3to npocTpaHCTBO, b kotopom pa3pa6oTHMKM Kali pewaiOT npo6/ieMbi 
3aBMCMM0CTePi, B03HMKaK)mne b pe3y/ibTaTe cnvwHwn oco6bix naKeTOB 
Kali b Debian Testing. 

3to TaK>Ke MecTO, KyAa cHana/ia 3arpy>KaK)TCfl o6HOB/ieHHbie naKeTbi, 
nosTOMy, ec/in BaM Hy>KHO o6HOB/ieHne, KOTopoe 6bmo BbinymeHO 
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HeAaBHO, ho KOTopoe eme He aoctmt/io kali-rolling, Bbi MO>KeTe 
no/iyHMTb ero M3 btoto peno3MTopMA. 3to He peKOMeHAyeTCfl A-rm 
o6bNHbix no/ib30BaTe/iePi. 


Peno3MTopnM Kali-Bleeding-Edge 


3tot peno3MTopnM coAep>KHT naiceTbi, aBTOMaTMHecKM co3AaHHbie M3 
cooTBeTCTByKDmero peno3MTopn?i Git (m/im Subversion). 
no/io>KMTe/ibHbiM MOMeHTOM AB-rmeTca to, hto Bbi cpa3y >Ke no/iynaeTe 
AOCTyn k noc/ieAHMM c^yHKUMflM m McnpaB/ieHMAM oi±im6ok MeHee, neM 
nepe3 24 naca noc/ie toto, KaK ohm 6bi/iM cAenaHbi. 3to MAea/ibHbiM 
cnoco6 npoBepMTb, McnpaB/ieHa tim oniM6Ka, o kotopom Bbi paHee 
coo6ma/iM. 

HeAOCTaTKOM AB/iaeTCfl to, hto btm naxeTbi He 6bmn npoTecTMpoBaHbi 
m/im npoBepeHbi: ec/iM cooTBeTCTBeHHbie M3MeHeHMa noB/iMA/iM Ha 
naKeTMpoBaHMe (Ao6aBMB HOByio 3aBMCMMOCTb), TorAa 3tot naiceT 
MO>KeT He pa6oTaTb. \A3-33 3Toro peno3MTopMM noMeneH tokmm 
o6pa30M, hto APT aBTOMaTMnecKM He ycTaHaB/iMBaeT naiceTbi M3 Hero, 
oco6eHHO, bo BpeMfl o6HOBneHMjq. 

Bbi MO>KeTe 3aperMCTpMpoBaTb peno3MTopMM /im6o nyTeM 
peAaKTMpoBaHMjR /etc/apt/sources.list m/im nyTeM co3AaHMa HOBoro 
ct^aMna b AHpeKTopMM /etc/apt/sources. I ist.d, KOTopbiM MMeeT 
npeMMymecTBO npn BbixoAe M3 mcxoahom cMcreMbi sources.list file un 
-altered. B ashhom npMMepe Mbi npeAnon/iM co3AaTb OTAe/ibHbiM 
c^aM/i /etc/apt/ sources.list.d/kali-bleeding-edge.list cneAyroiAMM 
o6pa30M: 


# Kali Bleeding Edge repository 

deb http://http.kali.org/kali kali-bleeding-edge main contrib non-free 


3epKaAa Kali Linux 


BbiAep>KKM M3 sources.list, yxasaHHbie Bbiiue, othocatca k 
http.kali.org: bto cepBep, Ha kotopom pa6oTaeT MirrorBrain 2 , 
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KOTopbiM nepeHanpaBrmeT Banin HTTP-3anpocbi b ocj^nunanbHoe 
3epKa/io, HaxoA^meecfi paaom c BaMn. MirrorBrain KOHTponnpyeT 
Ka>KAoe 3epKano, HTo6bi rapaHTnpoBaTb, hto ohh pa6oTaiOT AO/i>KHbiM 
o6pa30M n nBnnKrrcn o6HOBneHHbiMn; oh BcerAa nepeHanpaBMT Bac 
Ha xopomee 3epKa/io. 


OT/iaflKa nepeHanpaB/ieHMfi 3epKa/i Ecnn y Bac bo3hhk36t 
npo6/ieMa c 3epKa/iOM (HanpnMep, n3-3a HeyAaHHoro o6HOBneHnn 
apt), Bbi MOweTe ncnonb30BaTb curl -si, HTo6bi yBnASTb, KyAa 
KOHKpeTHO Bbi nepeHanpaBnneTecb: 


$ curl -si http://http.kali.org/README 

HTTP/1.1 302 Found 

Date: Mon, 11 Apr 2016 09:43:21 GMT 

Server: Apache/2.4.10 (Debian) 

X-MirrorBrain-Mirror: ftp.free.fr 
X-MirrorBrain-Realm: country 

Link: <http://http.kali.org/README.meta4>; rel=describedby; 

** type="application/metalink4+xml" 

Link: <http://ftp.free.fr/pub/kali/README>; rel=duplicate; 
pri=l; geo=fr 

Link: <http://de-rien.fr/kali/README>; rel=duplicate; pri=2; 
geo=fr 

Link: <http://ftp.halifax.rwth-aachen.de/kali/README>; rel= 
duplicate; pri=3; geo=de 

Link: <http://ftp.belnet.be/kali/kali/README>; rel=duplicate; 
pri=4; geo=be 

Link: <http://ftp2.nluug.nl/os/Linux/distr/kali/README>; rel= 
duplicate; pri=5; geo=nl 
Location: http://ftp.free.f r/pub/kali/README 
Content-Type: text/html; charset=iso-8859-l 


Ec/in npo6/ieMa coxpaHneTcn, Bbi MOweTe OTpeAaKTnpoBaTb 
/etc/apt/sources.Ust uma Apyroro n3BecTHoro pa6onero 3epKa/ia 
BMecTO (nnn ao) 3anncn http.kati.org 


y Hac TaK>Ke ecTb BTopon aioeMnnap MirrorBrain: r^e http.kali.org 
pa3MemaeT peno3HTopnn naKeTOB, a cdimage.kali.org pa3MemaeT 
BbinymeHHbie ISO-o6pa3bi. 
http://cdimage.kali.org 

Ec/in Bbi xoTMTe 3anpocnTb cnncoic ocjDnuna/ibHbix 3epKa/i Kali Linux, 
Bbi MOweTe Ao6aBHTb .mirrorlist b nio6on AonycrnMbin URL-aApec, 
yKa3biBaK>mnn Ha http.kali.org nnn cdimage.kali.org. 
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http://http.kali.org/README.mirrorlist 

http://cdimage.kali.org/README.mirrorlist 


3TM CriMCKM He ABJlfllOTCfl MCHepnbIBaiOLAMMM M3-3a HeKOTOpbIX 
orpaHHHeHMM MirrorBrain (b nacTHOCTM, 3epKa/ia, 3aBncfuune ot 
HexoTopbix cTpaH, He OTo6pa>KaK)TC5q b cni/icice, ecnM Bbi He 
HaxoflMTecb b flaHHOM CTpaHe). Ho ohm coAepwaT /lyHLUMe 3epKana: 
ohm b xopomeM coctoahmm m MMeKDT 6o/ibiuyK) nponycKHyK) 
cnoco6HOCTb. 


8.2 OcHOBHoe B3aMMOAeMCTBMe naKeTOB 

Tenepb BOopy>KMBLUMCb 6a30BbiM noHMMaHMeM /iaHALuac|Tra APT, 
AaBaPiTe paccMOTpMM HexoTopbie 6a30Bbie B3aMM0AeMCTBMa naxeTOB, 
BKnKDHaa MHMUMa/iM3auMK) APT; ycTaHOBKy, yAaneHMe m OHMcncy 
naxeTOB; m M0AepHM3auMK> cMCTeMbi Kali Linux. 3aTeM AaBaPiTe 
3aMMeMC5q KOMaHAHOM CTpOKOM AH9] TOTO, HT 06 bl B3rrmHyTb Ha 
HexoTopbie rpacf)MHecKMe MHCTpyMeHTbi APT. 


8.2.1 HHMU,MaAM3aLi 1 Mfl APT 

APT flBrmeTCfl o6niMpHbiM npoeKTOM m Ha6opoM MHCTpyMeHTOB, HbM 
nepBOHana/ibHbie n/iaHbi BK/noHa/iM rpacpMHecKMM MHTepcpeMC. C 
TOHKM 3peHM3 KJlMeHTa, OH COCpeAOTOHeH BOKpyr MHCTpyMeHTa 
KOMaHAHOM ctpokm apt-get, a Tao<e apt, KOTopbiM no3AHee 6bm 
pa3pa6oTaH f\y\n npeoAO/ieHMA HeAOCTaTKOB AH33MHa apt-get. 

CymecTByKDT rpacpMnecKMe a/ibTepHaTMBbi, pa3pa6oTaHHbie TpeTbMMM 
CTopoHaMM, b tom HMc/ie synaptic m aptitude, KOTopbie Mbi o6cyAHM 
HeMHoro no3>Ke. Mbi npeAnoHMTaeM Mcno/ib30BaTb apt, KOTopafl 6yAeT 
Mcno/ib30BaHa bo Bcex nocneAyKDmux npMMepax. OAHaKO, Mbi Tao<e 
nOAP 06 HO M3/10>KMM HeKOTOpbie M3 OCHOBHbIX pa3/lMHMM CMHTaKCMCa 
Me>KAy MHCTpyMeHTa MM no Mepe MX B03HMKH0BeHMfl. 

npM pa6oTe c APT Bbi AO/i>KHbi cHanana 3arpy3MTb cnMcox AOCTynHbix 
naxeTOB c o6HOB/ieHMeM apt. B 33bmcmmoctm ot ckopoctm Bamero 
nOA K/lKDHeHMfl 3T0 MO>KeT 3aHflTb HeKOTOpOe BpeMfl, nOTOMy HTO 
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cni/icoK pa3/iMHHbix naKeTOB, cnncoK mctohhmkob m (^aPi/ibi nepeBOflOB 
Bbipoc/iM b pa3Mepe HapHAy c pa3pa6oTKOM Debian. Kohchho, c6opkm 
A.rm ycTaHOBKM c CD/DVD MHCTa/i/iMpyiOTCfl HaMHoro 6bicTpee, noTOMy 
HTO OHM AB/lfllOTCfl /lOKa/lbHblMM {\r\9\ BaLLieM MaLUMHbl. 


8.2.2 YdaHOBKa naKeTOB 

5/iaroAapa npoAyMaHHOMy AH3aMHy cMCTeMbi naKeTOB Debian Bbi 
MO>KeTe nerKO ycraHaB/iMBaTb naKeTbi c m/im 6e3 mx 3aBMCMMOCTeM . 
flaBaMTe nocMOTpMM Ha ycTaHOBKy naKeTa c noMombio dpkg m apt. 


YdaHOBKa naKeTOB c noMow.bK) dpkg 


dpkg AB/iaeTCfl ocHOBHbiM MHCTpyMeHTOM, KOTopbiPi Bbi 6yAeTe 
Mcno/ib30BaTb (npjRMO m/im kocbchho nepe3 APT), KorAa BaM Hy>KHO 
ycTaHOBMTb naKeT. 3 to Tao<e OT/iMHHbiM Bbi6op, ec/iM Bbi pa6oTaeTe 
b aBTOHOMHOM pe>KMMe, nocKO/ibKy f\r\9\ Hero He Tpe6yeTca 
noAK/iioneHMe k 1/lHTepHeTy. noMHMTe, hto dpkg He ycTaHOBMT 
HMK3KMX 3aBMCMMOCTeM, KOTopbie MoryT noTpe6oBaTbCfl A-n^ naKeTa. 
HTo6bi ycTaHOBMTb naKeT c dpkg, npocTO yKa>KMTe napaMeTp -i mum - 
install m nyTb k .deb. B ashhom c/iynae noApa3yMeBaeTca, hto Bbi 
paHee 3arpy3M/iM (m/im no/iynn/iM KaKMM-TO ApyrMM cnoco6oM) cj^aM/i 
.deb naKeTa A-n^ ycTaHOBKM. 


# dpkg -i man-db_2.7.0.2-5_amd64.deb 

(Reading database ... 86425 files and directories currently installed.) 
Preparing to unpack man-db_2.7.0.2-5_amd64.deb ... 

Unpacking man-db (2.7.0.2-5) over (2.7.0.2-4) ... 

Setting up man-db (2.7.0.2-5) ... 

Updating database of manual pages ... 

Processing triggers for mime-support (3.58) ... 


Mbi MOweM BMASTb pa3/iMHHbie LuarM, Bbino/iHfleMbie dpkg, m 
COOTBeTCTBeHHO MO>KeM BMASTb, B KaKOM MOMeHT MO>KeT np0M30MTM 
KaKaa-/iM6o oniM6Ka. napaMeTp -i m/im -install Bbino/iH^eT Asa 3Tana 
aBTOMaTMHecKM: oh pacnaKOBbiBaeT naKeT m 3anycKaeT cueHapMM 
KOHcjDMrypauMM. Bbi MO>KeTe Bbino/iHMTb 3 tm Aea niara 
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caMOCTOATe/ibHO (icaic 3to o6bNHO Ae-naeT apt) c napaMeTpaMM - 
unpack m -configure, cooTBeTCTBemno: 


# dpkg --unpack man-db_2.7.0.2-5_amd64.deb 

(Reading database ... 86425 files and directories currently installed.) 
Preparing to unpack man-db_2.7.0.2-5_amd64.deb ... 

Unpacking man-db (2.7.0.2-5) over (2.7.0.2-5) ... 

Processing triggers for mime-support (3.58) ... 

# dpkg --configure man-db 
Setting up man-db (2.7.0.2-5) ... 

Updating database of manual pages ... 


06paTHTe BHMMam/ie, hto crpoKi/i «Tpnrrepbi o6pa6oTKi/i» othocatca k 
koay, KOTopbM Bbino/ii-meTCfl aBTOMaTunecKM, Kor^a naKeT 
Ao6aB/i^eT, yAa/iaeT m/im M3MeHaeT c^aM/ibi b HeKOTopbix 
KOHTponnpyeMbix AnpeKTopM^x. HanpMMep, naKeT mime- support 
KOHTpo/inpyeT usr/lib/mime/packages m Bbinoni-meT KOMaHAy update- 
mime BCflKMM pa3, KOTAa HTO-TO M3MeHfleTCfl B 3T0M AHpeKTOpMM 
(HanpMMep, /usr/lib/mime/packages/man-db b KOHKpeTHOM c/iynae 
man-db). 

1/lHorAa dpkg He cMO>KeT ycTaHOBMTb naKeT m BbiAaeT oniM6Ky. TeM He 
MeHee, Bbi MO>KeTe npMKa3aTb dpkg, MmopMpoBaTb bto, m mnbKO 
BbiAaTb npeAynpe>KAeHMe c pa3/iMHHbiMM napaMeTpaMM -force- *. 
BbiBOA KOMaHAbi dpkg --force- help OTo6pa3MT no/iHbiM cnncoK btmx 
napaMeTpoB. HanpMMep, Bbi MO>KeTe Mcno/ib30BaTb dpkg unn 
npMHyAMTe/ibHOM ycTaHOBKM zsh: 


$ dpkg -i --force-overwrite zsh_5.2-5+bl_amd64.deb 


Hacrafl oniM6Ka, c kotopom Bbi paHO m/im no3AHO cTO/iKHeTecb, - bto 
KOHcf)/iMKT ct)aM/iOB. KorAa naKeT coasp>kmt cj^aPm, KOTopbiPi y>Ke 
ycTaHOBneH ApyrMM naKeTOM, dpkg OTKaweTca ero ycTaHOBMTb. 
floflBflTCfl c/ieAyKDinne TMnbi coo6meHMM: 


Unpacking libgdm (from .../Iibgdm_3.8.3-2_amd64.deb) ... 

dpkg: error processing /var/cache/apt/archives/libgdm_3.8.3-2_amd64.deb (--unpack): 
** trying to overwrite '/usr/bin/gdmflexiserver', which is also in package gdm3 
* 3.4.1-9 
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B 3tom cnynae, ecni/i Bbi cni/iTaeTe, hto 3aMeHa btoto c|3aM/ia He 
AB.rmeTCfl 3HaHMTe/ibHbiM pmckom A/ia cTa6i/mbHOCTi/i BamePi ci/icreMbi 
(KaK npaBM/io, bto TaK), Bbi MO>KeTe ncnonb30BaTb -force-overwrite 
Ana nepe3ani/icbiBaHnn cj^akina. 

XoTa cymecTByeT MHO>KecTBO AOCTynHbix napaMeTpoB -force- *, 
mo>kho ncnonb30BaTb TonbKO -force-overwrite. 3 tm BapnaHTbi 
cymecTByKDT A-n^ MCKniOHMTenbHbix ci/iTyaum/i, m nyauie ocraBi/iTb mx b 
noicoe KaK mo>kho Ha Aonbme, HTo6bi co6nK)AaTb npaBi/ma, 
ycTaHOBneHHbie MexaHM3MOM naKeTHpoBaHHa. He 3a6biBaMTe, hto btm 
npaBi/ma o6ecneHMBaK)T cornacoBaHHOCTb m cTa6nnbHOCTb BaniePi 
CMCTeMbl. 


YdaHOBKa naKeTOB c no/vioiii.bK) APT 


XoTa APT aBnaeTca HaMHoro 6onee npoABMHyTbiM, neM dpkg, m 
B binonHaeT ropa3AO 6onbme pa6oTbi, Bbi o6Hapy>Ki/iTe, hto ero 
B3anMOAeMCTBne c naKeTaMi/i AOBonbHO npocToe. Bbi MO>KeTe 
Ao6aBHTb naKeT b ci/icTeMy c noMombK) npocToPi KOMaHAbi apt install 
package. APT aBTOMaTHHecKM ycraHOBi/iT Heo6xoAHMbie 3aBncnMOCTn: 
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# apt install kali-linux-gpu 

Reading package lists... Done 

Building dependency tree 

Reading state information... Done 

The following additional packages will be installed: 

oclgausscrack oclhashcat 
The following NEW packages will be installed: 

kali-linux-gpu oclgausscrack oclhashcat 
0 upgraded, 3 newly installed, 0 to remove and 416 not upgraded. 

Need to get 2,494 kB of archives. 

After this operation, 51.5 MB of additional disk space will be used. 

Do you want to continue? [Y/n] 

Get:l http://archive-2.kali.org/kali kali-rolling/non-free amd64 oclhashcat amd64 2.01+ 

* git20160114-0kali2 [2,451 kB) 

Get:2 http://archive-2.kali.org/kali kali-rolling/main amd64 oclgausscrack amd64 1.3-1 
** kali2 [37.2 kB] 

Get:3 http://archive-2.kali.org/kali kali-rolling/main amd64 kali-linux-gpu amd64 

* 2016.3.2 [6,412 B] 

Fetched 2,494 kB in 0s (3,060 kB/s) 

Selecting previously unselected package oclhashcat. 

(Reading database ... 317084 files and directories currently installed.) 

Preparing to unpack .../0-oclhashcat_2.01+git20160114-0kali2_amd64.deb ... 

Unpacking oclhashcat (2.01+git20160114-0kali2) ... 

Selecting previously unselected package oclgausscrack. 

Preparing to unpack .../l-oclgausscrack_1.3-lkali2_amd64.deb ... 

Unpacking oclgausscrack (1.3-lkali2) ... 

Selecting previously unselected package kali-linux-gpu. 

Preparing to unpack .../2-kali-linux-gpu_2016.3.2_amd64.deb ... 

Unpacking kali-linux-gpu (2016.3.2) ... 

Setting up oclhashcat (2.01+git20160114-0kali2) ... 

Setting up oclgausscrack (1.3-lkali2) ... 

Setting up kali-linux-gpu (2016.3.2) ... 


Bbi T3 K>Ke MOweTe ncno/ib30BaTb apt-get install package, m/im aptitude 
install package. fl/ia npocroi/i ycraHOBKn naiceTOB ohm Ae/iaiOT 
npaKTMnecKM to >Ke caMoe. KaK Bbi yBMAMTe no3>Ke, ottimhm^ 6yAyT 
6o/iee 3aMeTHbi no OTHomeHMK) k o6HOB/ieHMflM mjim Kor^a 
pa3pemeHMe 3aBMCMM0creM He MMeeT MAea/ibHoro peuieHMa. 

Ec/im nepeHMc/ijqeT HecKO/ibKO AncrpM6yTMB0B, Bbi MO>KeTe yi<a3aTb 
BepcMio naKeTa c noMombK) apt install package=version, ho Bceryja 
>Ke/iaTe/ibHO yKa3aTb npoMcxo>KAeHMe AMCTpM6yTMBa (kali-rolling, 
kali-dev, or kali-bleeding- edge) c noMombK) apt install 
package/distribution. 

KaK m b c/iynae c dpkg, Bbi MO>KeTe nopynMTb apt npMHyAMTenbHO 
ycTaHOBMTb naKeT m nepe3anMcaTb c^aPinbi c noMombK) -force- 


226 



overwrite, ho cMHTaKCMc b otom c/iynae 6yfleT BbimaAeTb HeMHoro 
CTpaHHO, nocKO/ibicy Bbi nepeAaeTe apryMeHT nepe3 dpkg: 


# apt -o Dpkg::Options:-force-overwrite" install zsh 


8.2.3 06HOB/ieHkie Kali Linux 

B KanecTBe rolling AMCTpn 6 yTMBa Kali Linux 06 /iaAaeT 
BneHaT/lflKDLUHMM B03M0>KH0CT?IMM 06 H 0 B/ieHMJR. B 3T0M pa3Ae/ie Mbl 
paccMOTpHM, KaKMM o6pa30M Bbi MO>KeTe npocTO o 6 HOBHTb Kali, a 
Ta K>xe o 6 cyAHM crpaTerMM nnaHi/ipoBaHi/m BauiMx o 6 HOB/ieHMM. 

Mbi peKOMeHAyeM Mcno/ib30BaTb pery/iapHbie o6HOB/ieHMfl, Tax KaK 
ohm 6yAyT ycTaHaB/iMBaTb noc/ieAHMe o6HOB/ieHMfl 6e3onacHOCTM. 
HTo6bi HanaTb npouecc o6HOB/ieHMfl, Mcno/ib3yMTe apt update, 3a 
KOTopbiM cneAyKDT apt upgrade, apt-get upgrade mjim aptitude safe- 
upgrade. 3tm KOMaHAbi MmyT ycTaHOB/ieHHbie naxeTbi, KOTopbie 
mo>kho o6HOBMTb 6e3 yAa/ieHMA KaKMx-nM6o naxeTOB. flpyrMMM 
c/iOBaMM, ue/ib coctomt b tom, HTo6bi o6ecneHMTb HaMMeHee 
HaBfl3HMB0e 06 H 0 BneHMe HaCKO/lbKO 3T0 B03M0>KH0. 1/lHCTpyMeHT 
KOMaHAHOM ctpokm apt-get HeMHoro 6onee Tpe6oBaTe/ibHbiM, neM 
aptitude m/im apt, noTOMy hto oh OTKa>KeTCfl ycraHaB/iMBaTb naxeTbi, 
KOTopbie He 6bi/iM ycTaHOB/ieHbi 3apaHee. 

1/lHCTpyMeHT apt o6bi«-mo Bbi6MpaeT caMbiPi noc/ieAHMM HOMep BepcMM 
( 3 a MCKmoneHMeM naxeTOB c kali-ibleeding-edge, KOTopbie no 
yMonnaHMK) MnnopupyiOTCfl He3aBMCMM0 ot mx HOMepa BepcMM). 

HT 06 bl MCn0/lb30BaTb KOHKpeTHbIM AHCTpM6yTMB npM nOMCKe 
o6HOB/ieHHbix naxeTOB, BaM Heo6xoAHMO Mcno/ib30BaTb napaMeTp -t 
m/im -target-release, 3a KOTopbiM cneAyeT mma Hy>KHoro BaM 
AMCTpM6yTMBa (HanpMMep: apt -t kali-rotting upgrade). HTo6bi 
M36e>KaTb yKa3aHMa btom onpMM Ka>KAbiM pa3, KorAa Bbi Mcno/ib3yeTe 
apt, Bbi MO>KeTe Ao6aBMTb APT :: Default-Release « ka I i - ro 11», b cj^aM/ie 
/etc/apt/apt.conf.d/local. 

P,H9\ 60 /iee Ba>KHblX 06 H 0 B/ieHMM, TaKMX KaK 06 H 0 B/ieHMe OCHOBHbIX 
BepcMM, Mcno/ib3yMTe apt full-upgrade. C noMombio btom KOMaHAbi apt 
3aBepLUMT o6HOB/ieHMe, Aa>xe ec/iM eMy Hy>KHO yAa/iMTb HexoTopbie 
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ycTapeBLUMe naiceTbi i/iai/i ycraHOBi/iTb HOBbie 3aBi/ici/iM0cn/i. 3 to TaK>Ke 
KOMaHAa, KOTopyK) Bbi AO/i>KHbi ncnonb30BaTb Ann perynapHbix 
o6HOB/ieHMM BauiePi cMCTeMbi Kali Rolling. 3 to HacmnbKO npocro, hto 
bp?ia am Tpe6yeT KaKi/ix-Ai/160 AonoAHi/iTeAbHbix oStflCHem/iPi: 
nonyA^pHOCTb APT KaK pa3 ocHOBaHa Ha btom 3aMenaTeAbHoPi 
(JjyHKUMOHaAbHOCTM. 

B OTAMHi/ie ot apt m aptitude, apt-get He 3HaeT KOMaHAy full-upgrade. 
BMecTO 3Toro Bbi AOA>KHbi ncnoAb30BaTb apt-get dist-upgrade 
(o6HOBAeHkie AMCTpn6yTMBa), M3BeCTHyK) KOMaHAy, KOTOpyK) apt H 
aptitude TaK>xe npi/mi/iMaiOT Ann o6paTHoPi coBMecn/iMOCTi/i. 


ByflbTe ocerfla b xypce ea>KHbix M3MeHeHiiM 

HT06bl npeABMASTb HeKOTOpbie M3 3T MX npo6AeM, Bbi MO>KeTe 
ycTaHOBMTb naKeT apt-listchanges, KOTopbiPi OTo6pa>KaeT 
M HCjDOpMa UM KD 0 B03M0>KHblX npo6AeMaX B HanaAe 06H0BAeHl/m 
naKeTa. 3Ta i/mcj^opMaui/m co6i/ipaeTCA cocraBi/iTeAflMi/i naKeTOB i/i 
noMemaeTca b /usr/share/doc/package/NEWS.Debian. 

BHMMaTeAbHoe HTeHi/ie bti/ix c^aPiAOB (bo3mo>kho, nepe3 apt- 
listchanges) AOA>KHO nOMOHb BaM M36e>KaTb HenpM^THblX CK)pnpM30B. 


BBMAy toto, hto Kali nennercn rolling AMCTpi/i6yTMBOM, oh noAynaeT 
o6HOBAeHi/m HecKOAbKO pa 3 b AeHb. OAHaKO, bto He BcerAa nsnnejcn 
AyHLueM crpaTeri/iePi. 1 /lTaK, HacKOAbKO nacro BaM CAeAyeT o6HOBAATb 
Kali Linux. Ee 3 ycAOBHO, He cymecTByeT KaKi/ix-Ai/160 crpori/ix npaBi/m, 
ho ecTb HeKOTOpbie ocHOBHbie npi/m 141/1 nbi, KOTopbie, KOTopbie MoryT 
nOMOHb BaM. BaM CAeAyeT BbinOAHATb 06H0BAeHl/m B CAeAyKDLUMX 
CAynaAx: 

• KorAa BaM i/i 3 Becmo o npo6AeMe 6 e 3 onacHOCTM, i/icnpaBAeHHOM b 
06 H 0 BAeHMM; 

• Ecai/i Bbi noA03peBaeTe, hto o6HOBAeHHafl Bepci/m MO>KeT 
MCnpaBMTb OHIM6Ky, C KOTOpOPi Bbi CTOAKHyAMCb; 

• npe>KAe neM coo6maTb 06 oi±ii/i6Ke aaa Toro, HTo6bi y6eAMTbCA, hto 
OHa Bee eiue npkicyTCTByeT b AOCTynHoPi BaM nocAeAHePi Bepcm/i; 

• flOCTaTOHHO HaCTO, HT 06 bl nOAyHMTb 06 H 0 BAeHMA 6e30naCH0CTM, 0 
KOTOpbIX Bbi He CAblLLiaAM. 

• TaK>Ke cymecTByiOT cAynai/i, b KOTopbix Aynnie He BbinoAHATb 
o6HOBAeHne. Hanpi/iMep, Mbi He peKOMeHAyeM BbinoAHATb 
06H0BAeHMA B CAeAyKDLAMX CAyH3AX: 
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• Ec/im y Bac He 6yAeT AOcraTOHHO BpeMeHM McnpaBMTb B03HMKLune 
Heno/iaAKi/i (HanpMMep, noTOMy hto Bbi 6yAeTe o<t>/iaMH m/im 
noTOMy, hto co6npaeTecb noAroTOBMTb npe3eHTaunK> Ha cBoeM 
KOMnbKDTepe); nynwe Bbino/iHMTb o6HOB/ieHMe no3>Ke, KorAa y Bac 
6yAeT AOCTaTOHHO BpeMeHM A-rm ycrpaHeHMfl npo6/ieMbi, 
B03HHKLueM b npoqecce. 

• Ec/im b noc/ieAHee BpeMA y Bac npon30w.no (m/im npoAO/i>KaeTCfl) 
HapyweHkie pa6oTbi, m Bbi onacaeTecb, hto Bee npo6/ieMbi eme He 
pa3peweHbi. HanpMMep, npi/i BbinycKe hobom BepcMM GNOME He 
Bee naiceTbi o6HOBrmK)TCfl OAHOBpeMeHHO, h y Bac, Bepo^THO, 6yAeT 
coneTaHi/ie naKeTOB crapoM h hobom BepcMM. B 6o/ibWMHCTBe 
c/iynaeB bto HopMa/ibHO, m bto noMoraeT BceM BbinycicaTb bth 
o6HOBneHna nocTeneHHO, ho BcerAa cymecTByiOT MCK/noneHMA, h 
pa6oTa HeicoTopbix npn/io>KeHMH MoryT 6biTb HapyweHa n3-3a 
T3KMX HeCOOTBeTCTBHM. 

• Ec/im BbiBOA apt full-upgrade tobopht BaM, hto naiceTbi, 
Heo6xoAHMbie a-tw BawePi pa6oTbi 6yAyT yAa/ieHbi. B noAo6Hbix 
c/iynafix BaM c/ieAyeT paccMOTpeTb cMTyaumo m nonbiTaTbc^ 
noHjRTb, noneMy apt xoneT hx yAa/iHTb. Bo3mo>kho, naKeTbi b 
HacTOfuuee BpeMA noBpe>KAeHbi, h, cneAOBaTe/ibHO, BaM MO>xeT 
noHaAo6nTbc?i noAO>KAaTb, noKa 6yAyT AOCTynHbi McnpaB/ieHHbie 
BepcMH, m/im ohm npocTO-HanpocTO ycTape/iM, m Bbi AO/i>KHbi 
onpeAe/iMTb, neM mx 3aMeHbi, a 3aTeM npoAO/i>KMTb no/iHoe 
o6HOB/ieHMe. 

B o6meM, Mbi peKOMeHAyeM BaM o6HOB/i?iTb Kali He pewe OAHoro pa3a 
b HeAe/iK). Bbi MO>KeTe, kohchho, o6HOBrmTbca eweAHeBHO, ho Mbi 
cHMTaeM, hto bto He MMeeT cMbic/ia. flawe ec/iM 3epKa/ia 
CMHxpoHM3MpyK)TCfl HeTbipe pa3a b AeHb, o6HOB/ieHMA ot Debian, 
o6biHHO nocTynaiOT TO/ibKO oamh pa3 b AeHb. 


8.2.4 YAaAeHMe m ohmctks naKeTOB 

YAaneHMe naiceTa eme npome, neM ero ycraHOBica. flaBaMTe 
nocMOTpMM, KaK yAa/iMTb naiceT c noMombio dpkg m apt. 

HTo6bi yAa/iMTb naKeT c noMombio dpkg, BbicTaBbTe napaMeTp -r m/im 
-remove, a 3aTeM mma naiceTa. OAHaico, Ha btom yAa/ieHMe He 
3aBepweHo: Bee c^aPinbi KOHcf/MrypauMM, cueHapMM noAAep>KKM, 
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ct^aui/ibi >KypHa/iOB (cucTeMHbie >KypHa/ibi), AaHHbie, co3AaHHbie 
AeMOHOM (HanpuMep, coAep>KHMoe KaTa/iora cepBepa LDAP i/i/im 
coAep>KMMoe 6a3bi AaHHbix A-na SQL-cepBepa), h 6o/ibi±iMHCTBO 
Apyri/ix AaHHbix no/ib30BaTe/ifl, o6pa6aTbiBaeMbix naKeTOM, ocraKrrcfl 
HeTpoHyTbiMM. Onpi/m remove no3BO/ifleT /lerico yAa/iHTb nporpaMMy, 
a 3aTeM nepeycraHOBMTb ee c ToPi >Ke KOH^i/irypaui/iePi. TaK>Ke 
noMHHTe, hto 3aBncnMOCTn He yAa/iflKrrcjr PaccMOTpMM 3tot npHMep: 


# dpkg --remove kali-linux-gpu 

(Reading database ... 317681 files and directories currently installed.) 
Removing kali-linux-gpu (2016.3.2) ... 


Bbi Tai<>Ke MOweTe yAa/iMTb naKeTbi H3 cncTeMbi c noMombK) KOMaHAbi 
apt remove package. APT aBTOMaTi/inecKH yAanHT naKeTbi, KOTopbie 
3aBMC5iT ot y>Ke yAa/ieHHbix naKeTOB. KaK m b npHMepe dpkg, c^aPi/ibi 
KOHc|3nrypauMn m AaHHbie no/ib30BaTe/ifl He 6yAyT yAaneHbi. 

C noMombK) Ao 6 aB/ieHHfl cycfxfjHKcoB k HMeHaM naKeTOB Bbi MO>KeTe 
ncnonb 30 BaTb apt (i/i/im apt-get h aptitude) A-na ycraHOBKM 
onpeAeneHHbix naKeTOB h yAa/ieHMA Apyrux b toh >Ke KOMaHAHoPi 
CTpoKe. l/lcno/ib 3 ya KOMaHAy apt install Ao 6 aBbTe k hmchh 
naKeTOB, KOTopbie Bbi xoTHTe yAa/ii/iTb. C noMombK) KOMaHAbi apt 
remove Bbi MO>KeTe Ao 6 aBHTb "+" k MMeHi/i naKeTOB, KOTopbie Bbi 
XOTMTe yCT 3 H 0 BHTb. 

C/ieAyK)mnPi npi/iMep noKa3biBaeT ABa pa3/iMHHbix cnoco6a, 
ycraHOBKM package! m yAa/ieHMA package2. 


# apt install packagel package2• 

(...) 

# apt remove packagel + package2 

(...) 

3tot cnoco6 TaK>Ke mo>kho ncno/ib30BaTb A-nfl HCK/noHeHH^ naKeTOB, 
KOTopbie b npoTHBHOM c/iyHae 6bmn 6bi ycTaHOB/ieHbi, HanpuMep, 
BBHAy peKOMeHAaukiPi (Mbi o6cyAHM AaHHbiPi Bonpoc HeMHoro no3>Ke). 
B o6meM, pemaTe/ib 3aBncnMOCTePi 6yAeT ncnonb30BaTb 3Ty 
HHC|30pMai4MK) B KaHeCTBe nOACK33KH lfl nOHCKa a/lbTepHaTHBHbIX 
pemeHHPi. 
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Ana yAa/ieHMfl Bcex AaHHbix cBA3aHHbix c Ka km m-/i 1/160 naKeTOM, Bbi 
MO>KeTe OHMCTMTb naKeT c noMombK) KOMaHA dpkg -P package , m/im apt 
purge package. 3tm KOMaHAbi no/mocTbK) yAa/i^T naKeT m Bee Aam-ibie 
no/ib30BaTe/ia, m b c/iynae c apt TaK>Ke yAa/iMT m Bee 3aBMCMMOCTM. 


# dpkg -r debian-cd 

(Reading database ... 97747 files and directories currently installed.) 
Removing debian-cd (3.1.17) ... 

# dpkg -P debian-cd 

(Reading database ... 97401 files and directories currently installed.) 
Removing debian-cd (3.1.17) ... 

Purging configuration files for debian-cd (3.1.17) ... 


npeAynpe>KAeHMe! YHMTbiBafl OKOHHaTe/ibHbiM xapaKTep hmctkm, 
ABa>KAbi noAyMaMTe, npe>KAe neM npM6eraTb k HeMy. Bbi noTep^eTe 
Bee, HTO CBfl3aHO C 3TMM naKeTOM. 


8.2.5 llpoBepKa naneTOB 

fla/iee, AaBaPiTe no3HaKOMMMca c HeKOTopbiMM MHcrpyMeHTaMM, 
KOTopbie MoryT 6biTb Mcno/ib30BaHbi A-n^ npoBepKM naKeTOB Debian. 
Mbi no3HaKOMMMCfl c dpkg, apt, m apt-cache KOMaHAaMM, KOTopbie 
MoryT Mcno/ib30BaTbCfl A-rm 3anpoca m BM3ya/iM3auMM 6a3bi AaHHbix 
naKeTa. 


3anpoc 6a3bi AaHHbix dpkg m npoBepKa .deb <t>aMAOB 


HanHeM c HecKO/ibKMx onuMM dpkg, KOTopbie 3anpaniMBaK)T 
BHyTpeHHKDK) 6a3y AaHHbix dpkg. 3Ta 6a3a AaHHbix HaxoAHTCfl b 
c^aM/iOBOM cMCTeMe b /var/lib/dpkg m coAep>KMT HecKO/ibKO pa3Ae/iOB, 
BK/uonaa cqeHapMM KOHcf)MrypauMM (/var/lib/dpkg/info), cnncoK 
cJ^aM/iOB, b KOTopbix ycTaHOB/ieH naKeT (/var/lib/dpkg/info/ *. list) m 
CT aTyc Ka>KAoro ycTaHOB/ieHHoro naKeTa (/var/lib/dpkg/status). Bbi 
MO>KeTe Mcno/ib30BaTb dpkg A-rm B3aMMOAei/icTBMfl c c^aPi/iaMM b btom 
6a3e AaHHbix. 06paTMTe BHMMaHMe, hto 6 o/ibLUMHCTBO napaMeTpoB 
AOCTynHbi KaK b a-hhhhom BepcMM (oaho m/im HecKO/ibKO peneBaHTHbix 
c/iob, KOTopbiM npeALuecTByeT ABoPmoe TMpe), TaK m b kopotkom 
( oAHa 6yKBa, kotopom npeAwecTByeT TMpe, name Bcero MMeeTca 
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BBUfly Hana/ibHafl 6yKBa 1/13 oahoto c/iOBa 1/13 A-nnHHoPi Bepcm/i). 3to 
yc/iOBHoe o6o3HaHeHne HacmnbKO pacnpocrpaHeHO, hto oho 
ABJiaeTCfl cTaHAapTOM POSIX. 

CHana/ia, AaBaMTe paccMOTpMM naKeT -listfiles (m/im -L), b kotopom 
nepenMc/ieHbi cJ^aPinbi, KOTopbie 6bmn ycTaHOB/ieHbi yKa3aHHbiM 
naKeTOM: 


$ dpkg -L base-passwd 

/. 

/usr 

/usr/sbin 

/usr/sbin/update-passwd 
/usr/share 
/usr/share/lintian 
/usr/share/lintian/overrides 
/usr/share/lintian/overrides/base-passwd 
/usr/share/doc-base 
/us r/sha re/doc - base/use rs-and-g roups 
/usr/share/base-passwd 
/usr/share/base-passwd/group.master 
/us r/sha re/base- pas swd/pa sswd.master 
/usr/share/man 
/usr/share/man/pl 
/usr/share/man/pl/man8 
/usr/share/man/pl/man8/update-passwd.8.gz 
[...] 

/usr/share/doc 

/usr/share/doc/base-passwd 

/usr/share/doc/base-passwd/users-and-groups.txt.gz 
/usr/share/doc/base-passwd/changelog.gz 
/usr/share/doc/base-passwd/copyright 
/us r/sha re/doc/base- pas swd/README 
/usr/share/doc/base-passwd/users-and-groups.html 


fla/iee, dpkg --search file (or -S), hoxoaht n\odb\e naiceTbi, KOTopbie 
coAep>KaT c^ai/m h/ih nyTb, nepeAaBaeMbiPi b apryMeHTe. Hanpi/iMep, 
A-rm noncKa naKeTa, KOTopbiPi coAep>KHT /bin/date: 


$ dpkg -S /bin/date 

coreutils: /bin/date 


KoMaHAa dpkg --status package (or -s) OTo6pa>KaeT 3aro/iOBOK 
ycTaHOBneHHoro naKeTa. Hanpi/iMep, A-na noncKa 3aro/iOBKOB naKeTa 
coreutils: 
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$ dpkg -s coreutils 

Package: coreutils 
Essential: yes 

Status: install ok installed 

Priority: required 
Section: utils 
Installed-Size: 13855 

Maintainer: Michael Stone <mstone@debian.org> 

Architecture: amd64 
Multi-Arch: foreign 
Version: 8.23-3 

Replaces: mktemp, realpath, timeout 

Pre-Depends: libacll (>= 2.2.51-8), libattrl (>= 1:2.4.46-8), libc6 (>= 2.17), 
** libselinuxl (>= 2.1.13) 

Conflicts: timeout 
Description: GNU core utilities 

This package contains the basic file, shell and text manipulation 
utilities which are expected to exist on every operating system. 

Specifically, this package includes: 

arch base64 basename cat chcon chgrp chmod chown chroot cksum comm cp 
csplit cut date dd df dir dircolors dirname du echo env expand expr 
factor false flock fmt fold groups head hostid id install join link In 
logname Is md5sum mkdir mkfifo mknod mktemp mv nice nl nohup nproc numfmt 
od paste pathchk pinky pr printenv printf ptx pwd readlink realpath rm 
rmdir runcon sha*sum seq shred sleep sort split stat stty sum sync tac 
tail tee test timeout touch tr true truncate tsort tty uname unexpand 
uniq unlink users vdir wc who whoami yes 
Homepage: http://gnu.org/softwa re/co reutils 


KoMaHfla dpkg -list (min -I) OTo6pa>KaeT cni/icox M3BecTHbix b cncreMe 
naxeTOB h hx craTyc ycraHOBXH. Bbi Taioxe MOxceTe ncno/ib30BaTb 
grep Ha Bbixoae Ann noncxa onpeAe/ieHHbix no/ien h/ih unn co3AaHi/m 
noACTaHOBOHHbix cmmbo/iob (HanpHMep, b *) Ann noncxa naxeTOB, 
xoTopbie cooTBeTCTByxDT onpeAe/ieHHOki nacTM ctpoxh noncxa. 3to 
noxa>xeT cBOAxy naxeTOB. HanpHMep, HTo6bi noxa3aTb cboahbih 
cnncox Bcex naxeTOB, HaHHHaK)mnxca c 'b': 
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$ dpkg -l ’b*' 

Desired=Unknown/Install/Remove/Purge/Hold 

| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend 
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad) 


||/ Name 

Version 

Architecture Description 

ii 

b43-fwcutter 

1:019-3 

amd64 

utility for extracting Broadcom 4 

ii 

backdoor-facto 3.4.2-0kalil all 

Patch win32/64 binaries with shel 

un 

backupninja 

<none> 

<none> 

(no description available) 

un 

backuppc 

<none> 

<none> 

(no description available) 

ii 

baobab 

3.22.1-1 

amd64 

GNOME disk usage analyzer 


KoMaHfla dpkg —contents file.deb (m/im -c) nepeHi/icrmeT Bee c^aPinbi b 
KOHKpeTHOM .deb c^ai/me: 


$ dpkg *c /var/cache/apt/archives/gnupgl 


drwxr-xr-x 

root/root 

0 

2014-12-04 

drwxr-xr-x 

root/root 

0 

2014-12-04 

drwxr-xr-x 

root/root 

0 

2014-12-04 

drwxr-xr-x 

root/root 

0 

2014-12-04 

-rw-r--r-- 

root/root 

2711 

2014-12-04 

drwxr-xr-x 

root/root 

0 

2014-12-04 

drwxr-xr-x 

root/root 

0 

2014-12-04 

drwxr-xr-x 

root/root 

0 

2014-12-04 

-rwxr-xr-x 

root/root 

39328 

2014-12-04 

-rwxr-xr-x 

root/root 

92872 

2014-12-04 

-rwxr-xr-x 

root/root 

47576 

2014-12-04 

-rwxr-xr-x 

root/root 

84648 

2014-12-04 

-rwxr-xr-x 

root/root 

3499 

2014-12-04 

drwxr-xr-x 

root/root 

0 

2014-12-04 

-rwxr-xr-x 

root/root 

60128 

2014-12-04 

-rwxr-xr-x 

root/root 

1012688 

2014-12-04 


(...) 


4.18-6_amd64.deb 

23:03 ./ 

23:03 ./lib/ 

23:03 ./lib/udev/ 

23:03 ./lib/udev/rules.d/ 

23:03 ./lib/udev/rules.d/60-gnupg.rules 
23:03 ./usr/ 

23:03 ./usr/lib/ 

23:03 ./usr/lib/gnupg/ 

23:03 ./usr/lib/gnupg/gpgkeys_ldap 
23:03 ./usr/lib/gnupg/gpgkeys_hkp 
23:03 ./usr/lib/gnupg/gpgkeys_finger 
23:03 ./usr/lib/gnupg/gpgkeys_curl 
23:03 ./usr/lib/gnupg/gpgkeys_mailto 
23:03 ./usr/bin/ 

23:03 ./usr/bin/gpgsplit 
23:03 ./usr/bin/gpg 


KoMaHfla dpkg —info file.deb (h/im-I) BbiBeaeT Ha aicpaH 3aronoBKM 
yKa3aHHoro .deb cJoaM/ia: 
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$ dpkg -I /var/cache/apt/archives/gnupg_1.4.18-6_amd64.deb 


new debian package, version 

2.0. 


size 1148362 bytes: control 

archive=3422 bytes. 


1264 bytes, 26 lines 

control 


4521 bytes, 65 lines 

md5sums 


479 bytes, 13 lines 

* postinst 

#!/bin/sh 

473 bytes, 13 lines 

Package: gnupg 

Version: 1.4.18-6 

Architecture: amd64 

* preinst 

#!/bin/sh 


Maintainer: Debian GnuPG-Maintainers <pkg-gnupg-maint@lists.alioth.debian.org> 
Installed-Size: 4888 

Depends: gpgv, libbz2-1.0, libc6 (>= 2.15), libreadline6 (>= 6.0), libusb-0.1-4 (>= 
2:0.1.12), zliblg (>= 1:1.1.4) 

Recommends: gnupg-curl, libldap-2.4-2 (>= 2.4.7) 

Suggests: gnupg-doc, libpcsclitel, parcimonie, xloadimage | imagemagick | eog 

Section: utils 

Priority: important 

Multi-Arch: foreign 

Homepage: http://www.gnupg.org 

Description: GNU privacy guard - a free PGP replacement 
GnuPG is GNU's tool for secure communication and data storage. 

It can be used to encrypt data and to create digital signatures. 

It includes an advanced key management facility and is compliant 

with the proposed OpenPGP Internet standard as described in RFC 4880. 

[...] 


Bbi Taioxe MOweTe Mcno/ib30BaTb dpkg f\r\9\ cpaBHem/ifl Bepcm/i 
naiceTOB c noMombK) napaMeTpa compare-versions, KOTopbiPi Macro 
Bbi3biBaeTCfl BHeniHHMM nporpaMMaMi/i, Bic/Donaa dcpuriTbi 
KOHcj^MrypauMii, KOTopbie Bbino/iHflK)TCfl caMMM dpkg. 3Ta onunfl 
Tpe6yeT Tpi/i napaMeTpa: HOMep Bepcm/i, onepaTopa cpaBHem/m n 
BToporo HOMepa Bepckin. CymecTByKDT pa3/inHHbie B03M0>KHbie 
onepaTopbi: It (crporo MeHbme), le (MeHbme v\nv\ paBHo), eq (paBHo), 
ne (He paBHo), ge (6o/ibiiie nrin paBHo) h gt (cTporo 6o/ibiiie). Ec/im 
cpaBHeHHe npaBHnbHoe, dpkg B03BpamaeT 0 (ycnex); ec/in HeT, oh 
flaeT HeHyneBoe B03BpamaeMoe 3HaneHMe (o6o3HaHaK)inee otk33). 
PaccMOTpi/iM 3 tm cpaBHeHM^: 
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$ dpkg ••compare-versions 1.2-3 gt 1.1-4 
$ echo $? 

0 

$ dpkg •-compare-versions 1.2-3 It 1.1-4 
$ echo $? 

1 

$ dpkg --compare-versions 2.6.0pre3-l It 2.6.0-1 
$ echo $7 

1 


06paTMTe BHMMaHi/ie Ha Heowi/iflaHHbiM c6oPi nocneAHero cpaBHeHi/m: 
A-rm dpkg crpoKa «pre» (o6bNHO o6o3HanaK)Luafl npeABapi/ue/ibHyK) 
BepcMK)) He MMeeT KOHKpeTHoro 3HaneH v\n, a dpkg npocTO 
MHTepnpeTMpyeT ee KaK crpoicy, m b btom c/iynae «2. 6.0pre3-l "b 
a/icf>aBMTHOM nop^AKe 6o/ibi±ie, neM" 2.6.0-1 KorAa Mbi xothm, 
HTo6bi HOMep BepcMM naiceTa yKa3biBa/i, hto bto npeABapi/iTe/ibHbiM 
pe/iM3, Mbi ncno/ib3yeM cmmbo/i Ti/mbAbi, «~»: 


$ dpkg --compare-versions 2.6.0-pre3-l It 2.6.0-1 
$ echo $7 

0 


3 anpoc k 6 a 3 e AaHHbix Ha HaAMHue AocrynHbix naxeTOB c 
noMOLLi.bK) apt-cache m apt 

KoMaHAa apt-cache MOweT OTo6pa>KaTb 6o/ibiiiyK) nacTb MHc^opMaqHM, 
xpaHfimeMCB bo BHyTpeHHePi 6a3e AaHHbix APT. 3Ta HHcjDopMaui/m 
^B/uqeTCjR cBoero poAa KemeM, nocKO/ibKy OHa co6npaeTCfl H3 pa3Hbix 
MCTOHHHKOB, nepeHi/icneHHbix b cjoan/ie sources.list. 3to nponcxoAHT 
bo BpeMfl onepauMM o6HOB/ieHi/m apt. 


TEPMMHO/lOnifl Kama 

Kblu ^BnaeTca BpeMeHHOM cncTeMOM xpaHeHi/m, Mcnonb3yeMoPi A-rm 
ycKopeHMjR nacToro AOCTyna k AaHHbiM, KorAa o6bNHbiPi mctoa 
AOCT yna aB/iaeTca AoporocTOfuuHM (no OTHOLueHi/iK) k 
npon3BOAHTe/ibHOCTM). 3Ta KOHMenqi/ifl MO>xeT npHMeHATbca bo 
mhotmx cMTyauMflx m b pa3Hbix MacniTa6ax - OT flAPa 
MMKpOnpOUeCCOpOB AO BblCOKOnpOM3BOAHTe/lbHblX CMCTeM XpaHeHM?!. 
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B c/iynae c APT, ccbi/iOHHbiMM c^aPi/iaMM naKeTOB AB/mKmm Te, 
KOTopbie pacno/ioweHbi Ha 3epKa/iax Debian. TeM He MeHee, 6bmo 6bi 
oneHb HeacfjcjDeKTMBHO npoBOAMTb KawAbiPi noMCK nepe3 6a3bi AaHHbix 
OH/iaPm-naKeTOB. Bot noneMy APT xpaHi/iT KonMK) btmx cj^aPmoB (b 
/var/lib/apt/lists/), m noMCK Bbino/iHaeTCfl b btmx noKa/ibHbix cj^aPmax. 
AHa/iorMHHO, /var/cache/apt/archives/ coagpwmt KBLUMpoBaHHyK) 
KonMK) y>xe 3arpy>KeHHbix naKeTOB, HTo6bi M36ewaTb mx noBTopHoPi 
3arpy3KM, ec/iM BaM Hy>KHO nepeycraHOBHTb mx. 

HTo6bi M36e>KaTb Hpe3MepHoro Mcno/ib30BaHi/m AncKa npM nacTOM 
o6HOBneHMM, Bbi AO/i>KHbi pery/mpHO copTMpoBaTb KaTa/ior 
/var/cache/apt/archives/. Arm 3Toro mo>kho Mcno/ib30BaTb ABe 
KOMaHAbi: apt clean (m/im apt-get clean), KOTopaa no/iHOCTbK) 
onycTOiiiaeT KaTa/ior; apt autoclean (apt-get autoclean), KOTopaa 
yAa/meT mnbKO Te naKeTbi, KOTopbie 6o/ibLue He MoryT 6biTb 
3arpy>KeHbi, nocKO/ibKy ohm Mcne3/iM M3 3epKa/ia m noaTOMy flB/mKmm 
6ecnone3HbiMM. 06paTMTe BHMMaHMe, hto napaMeTp KOHcf/MrypauMM 
APT :: Clean-Installed MO>KeT Mcno/ib30BaTbca A-rm npeAOTBpameHMfl 
yAa/ieHMa c|oa PI/iob .deb, KOTopbie b Hacroamee BpeMa ycTaHOB/ieHbi. 
TaK>xe o6paTMTe BHMMaHMe, hto apt yAa/meT 3arpy>KeHHbie c^aPi/ibi 
noc/ie mx ycraHOBKM, noaTOMy bto MMeeT 3HaneHMe, maBHbiM 
06pa30M, BO BpeMa MCn0/lb30BaHMfl APyrMX MHCTpyMeHTOB. 


KoMaHAa apt-cache MO>KeT Bbino/iHATb noMCK naKeTOB no K/iK)HeBbiM 
c/iOBaM c noMombK) apt-cache search key word. OHa Tao<e MO>KeT 
OTo6pa>KaTb 3aronoBKM AOCTynHbix BepcMPi naKeTa c noMombK) apt- 
cache show package. 3Ta KOMaHAa npeAOcraB/meT onMcaHMe naKeTa, 
ero 33BMCMMOCTM m H33BaHMe ero BKcnnyaTaMMOHHMKa. 3Ta 
oco6eHHOCTb AOBO/ibHO none3Ha npM onpeAe/ieHMM naKeTOB, KOTopbie 
ycTaHaB/iMBaKmm nepe3 MeTanaKeTbi, TaKMe KaK kali-linux-wireless, 
kali-linux-web m kali-linux-gpu. 06paTMTe BHMMaHMe, hto noMCK apt, 
apt show, aptitude search m aptitude noKa3biBaK)T to we caMoe. 


A/ibTepHaTMBHbiM axi-cache: 

noMCK apt-cache nennejcn oneHb 3/ieMeHTapHbiMM MHCTpyMeHTOM, b 
ochobhom peanM3yK>mnM grep b onMcaHM^x naKeTOB. Oh nacro 
B03BpamaeT c/imlukom MHoro pe3y/ibTaTOB m/im BOo6me HMnero, KorAa 
BK/IKDHeHO C/IMLUKOM MHOrO K/IKDHeBbIX C/IOB. 
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C ApyroM CTopoHbi axi-cache search term, noKa3biBaeT nyHLUMe 
pe3y/ibTaTbi, OTcopTHpoBaHHbie no cTenem/i b3>khoctm. Oh 
ncnonb3yeT noMcxoByx) cMcreMy Xapian m AB/iaeTCfl nacTbK) naKeTa 
apt-xapian-index, xoTopbiM MHASKCMpyeT bckd MHcfiopMauMK) o naKeTe 
(m MHoroe Apyroe, HanpMMep cJoaM/ibi .desktop M3 Bcex naKeTOB 
Debian). Oh 3HaeT o Terax m npeAOCTaB/ifleT pe3y/ibTaTbi nepe3 
HeCKO/lbKO MM/l/lMCeKyHA- 


$ axi-cache search forensics graphical 

5 results found. 

Results 1-5: 

100% autopsy - graphical interface to SleuthKit 

82% forensics-colorize - show differences between files using 
color graphics 

73% dff - Powerful, efficient and modular digital forensic 
** framework 

53% gpart - Guess PC disk partition table, find lost 
** partitions 

46% testdisk - Partition scanner and disk recovery tool, and 
PhotoRec file recovery tool 

More terms: colorize partitions file disklabel autopsy 
** digital differences 

More tags: admin::forensics security::forensics role::program 
** admin::recovery interface::commandline admin::boot 
** scope::utility 


HeKOTopbie cfiyHxuMM Mcno/ib3yK)TCfl 6o/iee peAKO. HanpMMep, apt- 
cache policy OTo6pa>KaeT npMopMTeTbi xax mctohhmxob naxeTOB, Tax 
m OTAe/ibHbix naxeTOB. flpyrMM npMMepoM AB/iaeTCfl apt-cache dumpa 
vail, xoTopbiM OTo6pa>xaeT 3aro/iOBXM Bcex AOCTynHbix BepcMM Bcex 
naxeTOB. apt-cache pkgnames OTo6pa>xaeT cnncox Bcex naxeTOB, 
xoTopbie no?iB.rmK)TCfl xota 6bi oahh pa3 b xeme. 


8.2.6 YcTpaHeHne npo6AeM 

PaHO m/im no3AHO y Bac MoryT B03HMXHyTb onpeAeneHHbie npo6neMbi 
bo BpeMjR B3aMMOAeMCTBMjR c naxeTaMM. B ashhom pa3Ae/ie Mbi 
nocTapaeMca onepTMTb ocHOBHbie niarM ycrpaHeHMfl npo6/ieM, 
xoTopbie BaM Heo6xoAHMO 6yAeT npeAnpMHATb, a Tax>xe paccxa>xeM 
BaM o HexoTopbix MHCTpyMeHTax, xoTopbie npM6/iM3flT Bac 
xpa3peiueHMK) tom mjim mhom npo6neMbi. 
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npo6/ie/vibi c o6pa6oTKOM noc/ie o6HOB/ieHMfi 


HecMOTpa Ha to, hto Kali/Debian npH/io>KH.n Bee ycn/ina a/ia Toro, 
HTo 6 bi o 6 HOBneHne cHcreMbi npoxoAn.no 6 e 3 npo 6 /ieM, oho 
Bbino/iHjReTCB He BcerAa TaK r/iaAKO, KaK Mbi HaAeeMca. HoBbie Bepcnn 
nporpaMMHoro o 6 ecneneHHfl MoryT 6 biTb HecoBMecTHMbi c 
npeAbiAyLUHMM (HanpHMep, hx noBeAeHne no yMO/inaHHK) h/ih hx 
cfjopMaT ASHHbix MoryT 6 biTb M3MeHeHbi), h/ih >Ke HeKOTopbie oluh6kh 
MoryT coxpaHfiTbCB b hoboh Bepcnn, HecMOTpa Ha TecrnpoBaHne, 
Bbino/iHjReMoe sKcn/iyaTauHOHHHKaMH naiceTOB h no/ib30BaTe/iBMM 
Debian Unstable. 

Mcno/ib30BaHMe OTneTOB 06 oi±jn 6 i<e 1/lHorAa Bbi Mo>KeTe 
o 6 Hapy>KMTb, hto HOBaB Bepcna nporpaMMHoro o 6 ecneneHHfl BOo 6 me 
He pa 6 oTaeT. 3to o 6 biHHO nponcxoAHT, ec/w npi/mo>KeHMe He 
oco 6 eHHO nony/iapHO n HeAOCTaTOHHO npoBepeHO. nepBoe, hto 
Hy>KHO CAe/iaTb, - B 3 rrmHyTb Ha Kali 6 ar TpeKep 28 Kali n Debian 6 ar 
TpeKep 29 Ha https://bugs.debian.org /package, n npoBepnTb, 
coo6lah/i /w kto-to y>Ke 06 3tom npo 6 /ieMe. Ec/in no noBOAy ashhom 
oluh6kh He nocTyna/io hhkbkhx othctob, BaM cneAyeT cocraBHTb ero 
caMOCTOBTe/ibHO (cmotph pa3Ae/i 6.3,"l1oAaHa rpaMOTHO 
cocTaBneHHoro OTneTa 06 oi±in 6 Ke" [cTp. 129] a/ia no/iyneHi/m 60 /iee 
AeTa/ibHon HHc^opMaunn). Ec/w othct y>Ke 6 bin noAaH ao Bac, to 
b3>kho noHMMaTb, hto oh n Bee cB?i3aHHbie c hum coo 6 meHHfl 

flB/lflK)TCfl OT/lHHHblM HCTOHHHKOM HHCjDOpMaUHH OTHOCHTe/lbHO C3M0H 
oluh6kh. B HeKOTopbix cnynaflx naTH, HcnpaB/ifliOLUHH 0 Lun 6 Ky ywe 
cymecTByeT n nBnnejcn AOCTynHbiM b caMOM OTneTe 06 0 Lun 6 Ke; Bbi 
MO>KeTe nepeKOMnnnnpoBaTb ncnpaB/ieHHyK) BepcnK) HencnpaBHoro 
naKeTa ziOKa/ibHO (cmotph pa3Ae/i 9.1, «l/l3MeHeHne naKeTOB Ka Ii » 
[CTp. 222]). B Apyrnx c/iyna^x, no/ib30BaTe/iH Mornn HaHTH HeKMH 
HCKycHbiH MeTOA h/ih o6xoahoh nyTb f\y\9\ pa 6 oTbi c stoh npo 6 neMon 
h noAe/in/incb mm b cbohx OTBeTax k OTneTy; noAo 6 Horo poAa 
HHCTpyKUHH noMoryT BaM pa3o6paTbc?i c B03HMKLueH npo 6 /ieMOH, 
noKa He BbiHAST cooTBeTCTByiOLUHH naTH. B HAea/ie 0 LUM 6 Ka naKeTa 
MO>KeT 6 biTb y>Ke ncnpaB/ieHa, h Bbi MO>KeTe HaHTH HHcf>opMauHK) 06 
3T0M B OTHeTe 06 0 LUH 6 Ke. 


28 http://bugs. kali.org 
29 https://bugs.debian.org 
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nepexofl Ha pa6onyio Bepcnio KorAa npo6/ieMa npeACTaBrmeT 
co6on HeTxyio perpeccMK) (rAe pa6oTa/ia npe>xH?ifl Bepci/m), Bbi 
MOweTe nonbiTaTbca ncno/ib30BaTb npeAbiAymyK) Bepcmo naiceTa. B 
3tom cnynae BaM noHaAo6i/iTCfl xoni/m crapon BepcHH. Ec/ih y Bac ecTb 
AOCTyn k cTapoPi Bepc hh b oahom 1/13 peno3HTopneB, HacTpoeHHbix b 
APT, Bbi MOweTe ncno/ib30BaTb npocTyK) OAHOCTpoHHyio KOMaHAy A-rm 
noHn>xeHi/m BepcMH (cm. Pa3Ae/i 8.2.2.2, «ycraHOBxa naxeTOB c 
noMOLUbK) APT» [cTp. 177]). Ho no/ib3yacb Kali rolling Bbi o6biHHO 
HaPiAeTe mnbxo OAHy Bepcnio A-rm xa>xAoro naxeTa. 

Bbi Bee paBHO MO>xeTe nonbiTaTbca HanTn crapbin c^an/i .deb n 
ycTaHOBnTb ero BpyHHyio c noMombio dpkg. CTapbie cJoaH/ibi .deb 
mo>kho HanTn b HecKO/ibxnx MecTax: 

• B K3iue APT b /var/cache/apt/archives/ 

• B AnpexTopnn pool Ha HameM o6biHHOM 3epKa/ie Kali 
(yAaneHHbie n ycTapeBiune naxeTbi xpaHATca b TeneHi/ie Tpex- 
neTbipex AHen, HTo6bi n36e>xaTb npo6neM c no.nb30BaTe.rmMn, 

He MMeiomnMn nocneAHnx HHAexcoB naxeTa) 

• b http://snapshot.debian.org ec/w noBpe>xAeHHbin naxeT 6bin 
npeAOCTaBneH Debian, a He Kali; 3Ta c/iy>x6a xpaHnT 
a6co/iK)THO Bee Bepcnn naxeTOB Debian 


Pa6oTa c noBpe>KfleHHbiMn cneHapn^Mn noflflep>KKH 1/lHorAa 
o6HOB/ieHne npepbiBaeTca, noTOMy hto oahh H3 cqeHapneB 
noAAep>xxn naxeTa He pa6oTaeT (o6bNHO bto postinst). B bthx 
cnynaflx Bbi MO>xeTe nonbiTaTbca AnamocTnpoBaTb npo6/ieMy h, 
bo3mo>xho, o6ohth ee, OTpeAaxTnpoBaB npo6/ieMHbin cxpnnT. 

3Aecb Mbi 6epeM bo BHnMaHne cjoaxT, hto cueHapnn noAAep>xxn 
xpaHi/iTCA b /var/lib/dpkg/info/, h hto Mbi MO>xeM npocMOTpeTb n 
n3MeHHTb ero. 

Bbhay Toro, hto cpeHapun noAAep>xxn AB/meTca o6biHHO npocTbiM 
cueHapneM o6o/iohxh, Mbi MO>xeM BbicTaBnTb cTponxy -x cpa3y noc/ie 
CTpoHxn shebang n cAe/iaTb Tax, HTo6bi ohm 3anycTn/incb noBTopHO 
(c noMombio dpkg --configure -a A-rm postinst) A-rm Toro, HTo6bi neTxo 
yBnAGTb, hto nponcxoAnT n b neM 3ax/iK)HaeTCfl omn6xa. 3 tot BbiBOA 


240 



Tai<>Ke MOweT npeKpacHO Aono/iHATb /ik)6om othct 06 oi±ii/i6Ke, 

KOTopbm Bbi MOweTe noflaBaTb. 

C 3 TMMM BHOBb nO/iyHeHHblMM 3 HaHMf 1 MM, Bbl MO>KeTe KaK ncnpaB.rmTb 
ocHOBHyK) npo6/ieMy, TaK m TpaHccfjopMi/ipoBaTb HencnpaBHyK> 
KOMaHAy b pa6oTaK>myK) (Hanpi/iMep, nyTeM Ao6aB/ieHi/m 11 true b 
KOHeU CTpOHKM). 

06paTMTe BHMMaHMe, hto AaHHa n MeTOAHKa He pa6oTaeT b c/iynae 
c6oa preinst, nocKO/ibicy stot cKpi/mT Bbino/iH^eTca eme ao Toro, KaK 
naKeT 6yAeT ycraHOB/ieH, nosTOMy oh eme He HaxoAHTCfl b kohchhom 
MecTe cBoero Ha3HaneHi/m. Oh pa6oTaeT A-ns postrm i/i prerm, xota 
BaM Hy>KHO 6yAeT Bbino/iHi/iTb yAa/ieHi/ie naKeTa (i/i, cooTBeTCTBeHHO, 
o6HOB/ieHne), HTo6bi 3anycTMTb mx. 


Oa ma >KypHaAa dpkg 


1/lHCTpyMeHT dpkg xpaHMT >KypHan Bcex cbohx asmctbhm b 
/ var/log/dpkg.log. 3 tot >KypHa/i nBnnejcn Hpe3BbiHaMHO noApo 6 HbiM, 
nocKO/ibKy oh onncbiBaeT Bee 3Tanbi Ka>KAoro naKeTa. B Aono/iHeHne 
k TOMy, hto oh no3BO/ifleT OTc/ie>KMBaTb noBeAeHHe dpkg, oh 
noMoraeT coxpaHi/iTb i/icropi/iK) pa3BMTi/m ci/icTeMbi: Bbi MO>KeTe h3mtm 
TOHH biM MOMeHT, KorAa Ka>KAbm naKeT 6 bm ycTaHOB/ieH i/i/im 
o 6 HOBneH, i/i 3Ta MH0opMaunfi MO>KeT 6 biTb Hpe3BbNaPiHO no/ie3Ha aaa 
noHHMaHHjR HeAaBHero n 3 MeHeHne noBeAeHi/m. KpoMe Toro, npi/i 
3anncn Bcex Bepcm/i nerKO nepeKpecTHO npoBepi/iTb nH0opMaunK) c 
noMombK) changelog.Debian.gz aaa naKeTOB, KOTopbie Bbi3biBaK)T 
Bonpocbi m/im Aa>Ke c noMombK) OH/iaPiH-OTHeTaMH 06 oi±in 6 Kax. 


# tail /var/log/dpkg.log 

2016-12-22 09:04:05 status installed kali-linux-gpu:amd64 2016.3.2 
2016-12-22 09:20:07 startup packages remove 

2016-12-22 09:20:07 status installed kali-linux-gpu:amd64 2016.3.2 
2016-12-22 09:20:07 remove kali-linux-gpu:amd64 2016.3.2 <none> 
2016-12-22 09:20:07 status half-configured kali-linux-gpu:amd64 2016.3.2 
2016-12-22 09:20:07 status half-installed kali-linux-gpu:amd64 2016.3.2 
2016-12-22 09:20:07 status config-files kali-linux-gpu:amd64 2016.3.2 
2016-12-22 09:20:07 status config-files kali-linux-gpu:amd64 2016.3.2 
2016-12-22 09:20:07 status config-files kali-linux-gpu:amd64 2016.3.2 
2016-12-22 09:20:07 status not-installed kali-linux-gpu:amd64 <none> 
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llepeycTaHOBKa naKeTOB c noMOLU,bK) apt—reinstall m aptitude 
reinstall 

Korfla Bbi olum6ohho HaHOCMTe ymep6 cBoePi cMcreMe, yAarmfl m/im 
\A3w\eHnn onpeAe/iem-ibie cjDaM/ibi, caMbiM npocTbiM cnoco6oM mx 
BOccTaHOB/ieHUjR AB/iaeTCB nepeycTaHOBKa noBpe>KASHHoro naKeTa. K 
co>KaneHMK), cMcreMa naKeTMpoBaHMfl o6Hapy>KMBaeT, hto naKeT y>Ke 
ycTaHOB/ieH m Be>K/iMBO OTKa3biBaeTca nepeycraHaB/iMBaTb ero. 
HTo6bi aToro M36e>KaTb, Mcno/ib3yPiTe napaMeTp -reinstall KOMaHA apt 
m apt-get. CneAyromafl KOMaHAa nepeycraHaB/iMBaeT postfix , Aawe 
ec/iM oh y>Ke npi/icyTCTByeT: 


# apt ••reinstall install postfix 


KOMaHAa aptitude HeMHoro OT/iMnaeTCB, ho, TeM He MeHee, OHa 
npMBOAHT KTOMy >Ke caMOMy pe3y/ibTaTy, ec/iM ncno/ib30BaTb aptitude 
reinstall postfix KOMaHAa dpkg He npeAOTBpamaeT nepeycTaHOBKy, ho 
ee peAKO Bbi3biBaK)T HanpaMyio. 


He ncno/ib3yMTe apt —reinstall fl/in Toro, hto6i>i 
BOCCT anoBHTbcq noc/ie aTaKM 

l/lcnonb30BaHne apt --reinstall A-ns BOccTaHOB/ieHMfl naKeTOB, 
M3MeHeHHblX BO BpeMfl 3T3KM, He npHBeAST K BOCCTaHOB/ieHMK) 
CMCTeMbl, B TOM B \Af\e, B KOTOpOM OHa 6blJia AO. 

noc/ie aTaKM Bbi He MO>KeTe no/io>KMTbCfl a6co/iK)THO hm Ha hto: dpkg 
m apt, bo3mo>kho, 6bi/iM 3aMeHeHbi BpeAOHOCHbiMM nporpaMMaMH, h 
ohm He 6yAyT 3aHMMaTbCB nepeycraHOBKoPi cjDaPmoB, KaK Bbi, cicopee 
Bcero, o>KMAaeTe. 3/ioyMbiiu/ieHHMK TaKwe Mor M3MeHATb m/im 
co3AaBaTb c^aPi/ibi BHe KOHTporm dpkg. 


TaK>Ke cneAyeT noMHMTb, hto Bbi MO>KeTe yKa3aTb KOHKpeTHbiM 
AMCTpM6yTMB C nOMOLUbK) apt, HTO 03HaHaeT, HTO Bbi MO>KeTe 
OTKaTMTbCfl k 6o/iee crapoPi BepcMM naKeTa (ec/iM, k npMMepy, Bbi 
yBepeHbi, hto OHa 6yAeT pa6oTaTb AO/i>KHbiM o6pa30M), npn yc/iOBMM, 
hto OHa no-npe>KHeMy AOCTynHa b oahom m3 mctohhmkob, Ha KOTopbie 
ccbmaeTCB cj^aPm sources.list: 
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# apt install w3af/kali-rolling 


Mcno/ib30BaHne -force- * a/ia BOCCTaHOB/ieHMfl noBpeMK/^eHHbix 
3aBMCMMOCTeM 


Ec/im Bbi 6birm He AOCTaTOHHO ocropo>KHbiM, ncno^b30BaHne onqMM - 
force-* m/im KaKnx-nn6o Apyri/ix HeMcnpaBHOcrei/i MO>KeT npMBecTM k 
TOMy, HTO APT KOMaHAbl 6yAyT OTKa3blBaTbCfl BbinO/lHflTb CBOK) 
npMBbNHyK) Cj^yHKUMK) B CMCTeMe. no CyTM, HeKOTOpbie M3 3TMX 
napaMeTpoB no3BO.rmK)T ycTaHaB/iMBaTb naKeT, KorAa 3aBMCMMOCTb He 
Bbino/iHjReTCJR, m/im KorAa npMcyTCTByeT kohc|d/imkt. Pe3y/ibTaTOM 
KBnnejcn Henoc/ieAOBaTe/ibHafl cMCTeMa c tohkm 3peHMa 
33BMCMMOCTeM, M KOMaHAbl APT 0TK3>KyTCfl BbinO/lHflTb /lK)6oe 
ASMCTBMe, KpoMe Tex, KOTopbie BepHyT cMCTeMy b comacoBaHHoe 
COCTOflHMe (AOCTM>KeHMe 3T0M qe/lM HaCTO COCTOMT B yCTaHOBKe 
OTcyTCTByiomeM 33BMCMM0CTM m/im yAa/ieHMM npo6/ieMHoro naxeTa). 
06bNHO 3T0 npMBOAMT K C 006 l±ieHMK), nOA 06 HOMy 3T0My, 
no/iyneHHOMy noc/ie ycTaHOBKM hobom BepcMM rdesktop, MrHopMpya 
npM 3tom ee 3aBMCMMOCTb ot 6o/iee hobom BepcMM Iibc6: 


# apt full-upgrade 

[...] 

You might want to run 'apt-get -f install’ to correct these. 

The following packages have unmet dependencies: 

rdesktop: Depends: libc6 (>= 2.5) but 2.3.6.dsl-13etch7 is installed 

E: Unmet dependencies. Try using -f. 


Ec/im >xe Bbi flBrmeTecb OTBa>KHbiM aAMMHMcrpaTopoM, KOTopbiM 
yBepeH b npaBM/ibHOCTM cBoero aHa/iM3a, to Bbi MOweTe 
MTHOpMpOBaTb 33BMCMM0CTb M/IM KOHC^/IMKT, M MCn0/lb30BaTb 
napaMeTp -force- *. B btom cnynae, ec/iM Bbi xoTMTe npoAO/i>KaTb 
Mcno/ib30BaTb apt m/im aptitude, Bbi AO/i>KHbi OTpeAaKTMpoBaTb 
/var/lib/dpkg/status, HTo6bi yAa/iMTb m/im M3MeHMTb 3aBMCMMOCTb m/im 
KOHcf)/iMKT, KOTopbie Bbi Bbi6pa/iM A-na nepeonpeAe/ieHMA. 

3Ta MaHMny/iaqMjq nBnnejcn oneHb AypHbiM tohom m HMKorAa He 
AO/i>KHa Mcno/ib30BaTbc?i, KpoMe KaK b caMOM KpaPiHeM c/iynae. 
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flOBO/ibHO Macro 6o/iee noAxofl^mMM peweHMeM flBrmeTCfl 
nepeKOMnM/iflUMfl naKeTa, KOTopbiPi Bbi3biBaeT npo6/ieMy, m/im 
ncnonb30BaHne hobom BepcMM (noTeHMMa/ibHO McnpaB/ieHHOM) M3 
peno3MTopnfi, npeAOCTaBnfiKDmero backports (backports - bto 6o/iee 
HOBbie BepcM m, cnepMa/ibHO nepeKOMnmiMpoBaHHbie Ann pa6oTbi b 
6onee crapoi/i cpeAe). 


8.2.7 BHemHue MHTepc|)eMCbi: aptitude m synaptic 

APT AB/iaeTCfl nporpaMMOM, pa6oTaK)meM Ha C ++, koa kotopom b 
ochobhom HaxoAHTCJR b o6meM 6n6/inoTeKe libapt-pkg. KaK pa3 
MMeHHO 3Ta o6mafl 6n6/inoTeKa OTKpbi/ia Aaepb A-rm co3AaHna 
no/ib30BaTe/ibCKnx MHTepcjDei/icoB (front-ends), nocKO/ibicy koa 
pa3Ae/ifieMOM 6n6/inoTeKn mo>kho nerKO ncno/ib30BaTb noBTopHO. 
I/I cto pH nee km, apt-get 6bm pa3pa6oTaH TO/ibKO KaK TecTOBbiM 
MHTepcjDeMC Ann libapt-pkg, ho BBMAy ero OLue/iOM.rmK)Luero ycnexa, 
3 tot cj^aKT TmaTe/ibHO yMa/iHMBaeTCJR. 

Co BpeMeHeM, HecMOTpa Ha nonyrmpHOCTb MHTepcjDeMCOB KOMaHAHOM 
ctpokm, t3kmx KaK apt m apt-get, 6bi/iM pa3pa6oTaHbi pa3/iMHHbie 
rpacjDMnecKMe MHTepcjDei/icbi. Mbi paccMOTpMM Aaa M3 btmx 
MHTepcjDeMCOB b 3tom pa3Ae/ie: aptitude m synaptic. 


Aptitude 


Aptitude, noKa3aHHbiM Ha puc. 8.1, «MeHeA>Kep naKeTOB aptitude» 
[cTp. 191], npeACTaB/iaeT co6om MHTepaKTMBHyK) nporpaMMy, 
KOTopaa MO>KeT Mcno/ib30BaTbCfl b nonyrpacjDMHecKOM pe>KMMe Ha 
kohco/im . Bbi MODKeTe npocMOTpeTb enueoK ycTaHOBneHHbix m 
AOCTynHbix naKeTOB, npocMOTpeTb bckd MHcjDopMauMK) m Bbi6paTb 
naKeTbi A-ns ycTaHOBKM m/im yuaneHwn. nporpaMMa pa3pa6oTaHa 
cneuManbHO A-rm Mcno/ib30BaHMfl aAMMHMCTpaTopaMM, nosTOMy ee 
noBeAeHMe no yMO/inaHMK) HaMHoro 6o/iee MHTe/i/ieKTya/ibHO, neM 
APT, m ero MHTepcjDeMC HaMHoro nerne noHATb. 
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Actions Undo Package Resolver Search Options Views Help 

C-T: Menu ?: Help q: Quit u: Update g: Download/Install/Remove Pkgs 
aptitude 0.6.11 Hill use 6,202 kB of disk spac DL Size: 2,765 kB 

--\ Installed Packages (270) 



—\ admin - Administrative utilities 

(install software, manage 

users, etc) (43 

—\ main - The main Debian archive 

(43) 


i A acpi-support-base 

0.142-6 

0.142-6 

i acpid 

1:2.0.23-2 

1:2.0.23-2 

i A adduser 

3.113+nmu3 

3.113+nmu3 

i A apt 

1.0.9.6 

1.0.9.6 

i A apt-utils 

1.0.9.6 

1.0.9.6 


i A aptitude-common 0.6.11-1 0.6.11-1 

terminal-based package manager 

aptitude is a package manager with a number of useful features, including: a 
mutt-like syntax for matching packages in a flexible manner, dselect-like 
persistence of user actions, the ability to retrieve and display the Debian 
changelog of most packages, and a command-line mode similar to that of apt-get. 

aptitude is also Y2K-compliant, non-fattening, naturally cleansing, and 
housebroken. 

Homepage: http://aptitude.alioth.debian.org/ 


|Tags: admin:configuring, admin::pacl age-management, implemented-in::c++ 


PiicyHOK 8.1 MeHeAMep naxeroB aptitude 

Korfla Bbi 3anycn/iTe aptitude, BaM 6yAeT noi<a3aH crmcoK naKeTOB, 
OTCOpTl/ipOBaHHbIX 110 COCTOflHHKD (yCTaHOBJieHHblM, He 
ycTaHOB/ieHHbm i/mi/i ycTaHOB/ieHHbm, ho HeAOCTynHbm Ha 3epKa/iax), 
TorAa KaK b ApyrHx pa3Ae/iax OTo6pa>KaK)TCfl 3aAani/i, Bi/ipTya/ibHbie 
naKeTbi i/i HOBbie naKeTbi, noflBHBi±ii/iecfl HeAaBHO Ha 3epKa/iax. Ann 
o6nerHeHna TeMaTHnecKoro npocMOTpa AOCTynHbi pa3HOo6pa3Hbie 
pe>KMMbl. 


Bo Bcex c/iyHaflx aptitude OTo6pa>KaeT cni/icoK, oSteAHi-miomuM 
KaTeropnn m naKeTbi Ha 3KpaHe. KaTeropm/i opraHM30BaHbi nepe3 
ApeBOBMAHyK) cTpyKTypy, BeTBi/i kotopom mo>kho pa3BepHyTb 1 / 1 / 11/1 
CBepHyTb c noMombK) K/iaBMiiiH Enter. KnaBmuy «+» c/ieAyeT 
ncnonb30BaTb A-rm Toro, HTo6bi MapKi/ipoBaTb naKeT, KOTopbiM Bbi 
xoTHTe ycTaHOBHTb, «-» cneAyeT i/icno/ib30BaTb A-rm MapKi/ipoBaHi/m 
naKeTOB, KOTopbie Bbi xoTHTe yAa/iMTb, a «_» Ann i/ix ohmctkm. 
06paTMTe BHHM3HHe, HTO 3TM K/1IOHM MOryT T3 K>Ke 6blTb 
ncno/ib30BaHbi Ann KaTeropi/iPi, i/i b btom c/iynae cooTBeTCTByK>mne 
AePicTBi/m 6yAyT npi/iMeHATbCfl ko BceM naKeTaM KaTeropnn. K/iaBmua 
u o6HOB/ifleT cnHCKM AOCTynHbix naKeTOB, b to BpeMA KaK Shift+u 
noAroTaBnMBaeT no/iHoe ci/icreMHoe o6HOB/ieHi/ie. Kruon g 
nepeK/iiOHaeTCfl Ha cBOAHbm pe>KMM npocMOTpa 3anpomeHHbix 
M3MeHeHMH (nOBTOpHblM BBOA Q npi/IMeHMT M3MeHeHl/m), a k/ikdh q 
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3aBepiiiaeT Teicymee npeACTaB/ieHne. Ec/i n Bbi HaxoAHTecb b 
mcxoahom pewnMe npocMOTpa, to 3to 3aKpoeT aptitude. 


flOKyMeHTaMMfl aptitude 

B 3tom pa3Ae/ie He paccMaTpnBaiOTCfl 6o/iee TOHKi/ie HioaHCbi 
i/icno/ib30BaHMfl aptitude, oh cxopee c|30KycnpyeTCfl Ha 
npeAOCTaB/ieHMe aBapnPiHoro naiceTa no/ib30BaTe.rm. Aptitude 
AOCTaTOHHO XOpOLUO AOKyMeHTl/ipOBaHa M Mbl peKOMeHAyeM 
ncnonb30BaTb no/iHoe pyKOBOACTBO, KOTopoe AOCTynHO b naiceTe 
aptitude-doc-en. 

file:///usr/share/doc/aptitude/html/en/index.html 


p,r\9\ noncica naiceTa Bbi MO>KeTe BBecrn Lua6/iOH noncica n/in 
c/ieAOBaTb eMy. 3 tot Lua6/iOH cooTBeTCTByeT hmchh naiceTa, ho MO>KeT 
TaK>Ke npMMeH^TbCJR k onncaHHio (ec/in eMy npeAwecTByeT ~ d), k 
pa3Ae/iy (c ~ s) n/in ApyrHM xapaKTepncrnicaM, yKa3aHHbiM b 
AOKyMeHTaqHM. Te we Lua6/iOHbi MoryT cjDH/ibTpoBaTb crmcoic 
OTo6pa>KaeMbix naiceTOB: BBeAHTe k/ikdh I (icaic b limit ) n BBeAHTe 
Lua6/iOH. 

YnpaB/ieHHe aBTOMarM^ecKOM noMerKOM naiceTOB Debian (cmotpm 
pa3Ae/i 8.3.4 "ABTOMaTi/mecKoe OTc/iewnBaHne ycTaHOB/ieHHbix 
naiceTOB" [crp. 199]) ABrmeTCfl 6e3yMHO npocTbiM c aptitude. Bbi 
MOweTe npocMaTpHBaTb crmcoK ycTaHOB/ieHHbix naiceTOB n OTMenaTb 
naiceTbi icaic aBTOMaTMHecKne c noMombK) Shift + m n/in Bbi MOweTe 
yAa/iMTb OTMeTKy c noMombK) K/iaBnuin m. ABTOMaTHnecKne naiceTbi 
OTo6pa>KaK)Tc?i c «A» b cnncice naiceTOB. 3Ta c^yHicunfl Taoce 
npeA/iaraeT npocron cnoco6 BH3ya/iM3aMHM naiceTOB, ncno/ib3yeMbix 
Ha ManiMHe, 6e3 Bcex 6n6/inoTeK n 3aBncnMOCTen, KOTopbie BaM 
a6conK)THO He HywHbi. CBfl3aHHbin Lua6/iOH, icoTopbin MOweT 6biTb 
ncnonb30BaH c I (limit) (a.t m aicTHBaunn pewnMa cj^HnbTpa) nBnnejcn 
~i!~M. Oh o6o3HanaeT, hto Bbi xoTi/ue yBHASTb TO/ibKO 
ycTaHOB/ieHHbie naiceTbi (~i), He OTMeneHHbie icaic aBTOMaTi/Necici/ie 
(!~M). 


Mcno/ib 3 oeaHMe aptitude b I/I HTepct>e rice KOMaHAHO ctpokm 

Bo/ibLUMHCTBO oco6eHHOCTen Aptitude AOCTynHO nepe3 
HHTepaKTMBHblM MHTepC^eMC TaiOKe KaK H Hepe3 KOMaHAHyK) CTpOKy. 
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3tm KOMaHflHbie ctpokm noKawyTCfl oneHb 3HaKOMbiMM nocTOAHHbiM 
no/ib 30 BaTe/iJRM apt-get m apt-cache. 

PaauMpeHHbie cj^yHKUMM aptitude TaK>Ke AOcrynHbi b KOMaHAHOM 
CTpoKe. Bbi MOweTe Mcno/ib30BaTb Te >Ke Lua6/iOHbi noucica naKeTOB, 
HTO M B MHTepaKTMBHOM BepCMM. HanpMMep, ec/lkl Bbl XOTMTe OHMCTMTb 
cnncoK ycTaHOB/ieHHbix BpynHyio naKeTOB, m ec/iM Bbi 3HaeTe, hto hm 
OAHa M3 /lOKajibHO ycTaHOB/iem-ibix nporpaMM He Tpe6yeT KaKMx-/iM6o 
KOHKpeTHbix 6M6nMOTeK m/im MOAy/iePi Perl, Bbi MOweTe noMeTMTb 
cooTBeTCTByiOLAMe naKeTbi KaK aBTOMaTMnecKMe c noMombK) oahom 

KOMaHAbi: 


# aptitude markauto '-slibs|-sperl' 


3Aecb Bbi MO>KeTe neTKO yBMASTb boo cM/iy cMCTeMbi Lua6/iOHOB 
noMCKa aptitude, KOTopaa no3BO.rmeT MrHOBeHHO Bbi6MpaTb Bee 
naKeTbi b Tibs m perl pa3Aenax. 

OcTeperaPiTecb c/iynaeB, KorAa HeKOTopbie naKeTbi OTMeneHbi KaK 
aBTOMaTMnecKMe, ho HMKaKMe Apyrue naKeTbi He 3aBMCfiT ot hmx. 
TaKMe naKeTbi 6yAyT HeMeA-neHHO yAa/ieHbi (noc/ie 3anpoca Ha 
noATBep>KAeHMe). 


YnpaB/ieHne peKOMeHflauimiMM, npeA/ioweHMflMM n 3aflanaMH 

Eme OAHa MHTepecHaa oco6eHHOCTb aptitude 3aK/iK)HaeTCfl b tom, hto 
OHa yHMTbiBaeT peKOMeHAaqMM Me>KAy naKeTaMM, npeAOCTaB/iaa 
n0/lb30BaTe/lf1M B03M0>KH0CTb He ycraHaB/lMBaTb MX B Ka>KAOM 

KOHKpeTHOM c/iynae. HanpMMep, naKeT gnome peKOMeHAyeT gdebi 
(cpeAM ApyrMx). KorAa Bbi Bbi6MpaeTe nepBbiM Ann ycTaHOBKM, 
noc/ieAHMM Tao<e 6yAeT Bbi6paH (m 6yAeT OTMeneH KaK 
aBTOMaTMnecKMM, ec/iM oh eme He ycraHOB/ieH b cMCTeMe). Bboa g 
CAe/iaeT bto oneBMAHbiM: gdebi noflBrmeTCfl b OKHe CBOAKe 
OKMAaKDLUMX AeMCTBMM B CnMCKe naKeTOB, ycTaHOB/ieHHbix 
aBTOMaTMnecKM A-n^ yAOB/ieTBopeHMA 3aBMCMMOCTeM. OAHaKO, Bbi 

MO>KeTe peniMTb He ycraHaB/iMBaTb ero, OTMeHMB ero Bbi6op, npe>KAe 
neM noATBep>KAaTb onepauMM. 

06paTMTe BHMMaHMe, hto 3Ta c^yHKUMfl OTc/ie>KMBaHMfl peKOMeHAauMM 
He npMMeHfieTc?i k o6HOB/ieHMflM. HanpMMep, ec/iM HOBaa BepcMfl 
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gnome peKOMeHflyeT naiceT, KOTopbiPi paHee He peKOMeHAOBa/ica, 
naKeT He 6yAeT noMeneH Ann ycraHOBKM. OflHaKO oh 6yAeT yKa3aH Ha 
aKpaHe o6HOBneHMjq, HTo6bi aAMMHMcrrpaTop b c/iynae Heo6xoAHMOCTM 
Mor Bbi6paTb ero Ann ycraHOBKM. 

Tai<>Ke yHMTbiBaKDTca npeA-noweHMA Me>KAy naKeTaMM, ho b 

COOTBeTCTBHH C MX KOHKpeTHbIM CT3TyC0M. HanpMMep, nOCKOnbKy 
gnome npeA-naraeT dia-gnome, noc/ieAHMi/i 6yAeT OTo6pa>KaTbCfl b 
OKH e cboakm OKMAaKDLUMx aomctbmm (b pa3Aene naKeTOB, 
npeA/io>KeHHbix ApyrMMM naKeTaMM). TaKMM o6pa30M, aAMMHMCTpaTop 
CMO>KeT peLUMTb, npMHMMaTb BO BHMM3HMe 3T0 npeA/10>KeHMe M/IM HeT. 
nocKonbKy 3 to Bcero ziMnib npeA-noweHMe, a He 3aBMCMMOCTb m/im 
peKOMeHAauMjq, naKeT He 6yAeT Bbi6paH aBTOMaTMnecKM - ero Bbi6op 
Tpe6yeT pynHoro BMeuiaTe/ibCTBa (TaKMM o6pa30M, naKeT He 6yAeT 
OTMeneH KaK aBTOMaTMnecKM m). 

B 3tom >Ke Ayxe, noMHMTe hto aptitude pa3yMHO Mcno/ib3yeT 
KOHuenuMK) 3aAan. nocKO/ibKy 3aAaHM OTo6pa>KaK)TCfl b bmas 
K aTeropMM Ha BKpaHax cnMCKOB naKeTOB, Bbi MO>KeTe Bbi6paTb KaK 
nonHyK) 3aAany A-na ycTaHOBKM m/im yAaneHMA, TaK m npocTO 
npocMOTpeTb cnMcoK naKeTOB, BK/iK>HeHHbix b 3aAany, HTo6bi Bbi6paTb 
MeHbiuyK) noArpynny. 

Eosiee 34>4>eKTMBHbie a/iropnTMbi B 3aK/iK)HeHMe btoto pa3Ae/ia 
OTMeTMM, hto aptitude MMeeT 6o/iee c/io>KHbie a/iropMTMbi no 
cpaBHeHMK) c apt, KorAa Ae/io aoxoamt ao peuieHMA cno>KHbix 
CMTyauMM. KorAa 3anpaniMBaeTCfl Ha6op aomctbmm m KorAa btm 
coBMecTHbie agmctbma npMBOA^T k HeKorepeHTHOM cMCTeMe, aptitude 
oueHMBaeT HecKO/ibKO B03M0>KHbix cueHapMeB m npeACTaB/ijqeT mx b 
nopHAKe yMeHbiueHMjq b3>khoctm. OAHaKO, btm a/iropMTMbi He 
flB/lflKDTCfl H3AS>KHblMM. K CHaCTbK), BCerAa eCTb B03M0>KH0CTb 
BpyHHyK) Bbi6paTb asmctbm^ A-nfl Bbino/iHeHMA. KorAa TeKymMe 
Bbl6paHHbie AeMCTBM^ npMBOAflT K npOTMBOpeHMJIM, B BepXHePi H3CTM 
3KpaHa yKa3biBaeTca KO/iMnecTBO HeMcnpaBHbix naKeTOB (Bbi MO>KeTe 
HanpjqMyK) nepePiTM k btmm naKeTaM, Ha>KaB b). 3aTeM Bbi MO>KeTe 
BpyHHyio co3AaTb pemeHMe. B h3cthoctm, Bbi MO>KeTe no/iynMTb 
AOCTyn k pa3/iMHHbiM AOCTynHbiM BepcMAM, Bbi6paB naKeT c noMombK) 
Enter. Ec/im Bbi6op oahom m3 btmx BepcMM pemaeT npo6/ieMy, Bbi He 
AO/l>KHbl COMHeBaTbCfl B BepHOCTM peLUeHMfl M MCn0/lb30BaTb 3Ty 
c^yHKUMK). KorAa KO/iMnecTBO cnoMaHHbix cHMwaeTca ao Hyrm, Bbi 
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MOweTe 6e3onacHO nepePiTM k OKHy cboakm o>KMAaK)LUMx AePicTBMPi 
Arm noc/ieAHePi npoBepKM nepeA nx npMMeHeHMeM. 


>KypHa/i Aptitude 

Kai< m dpkg, aptitude xpam/iT c/ieA Bbino/iHeHHbix AePi ctbhm b cBoeM 
cf/aPi/ie >KypHa/ia (/var/log/aptitude). OAHaico, nocKO/ibKy o6e 
KOMaHAbi pa6oTaK)T Ha coBepmeHHO pa3HOM ypoBHe, Bbi He MoweTe 
h3mtm Ty >Ke MH(£opMai 4 MK) b cbomx cooTBeTCTByK)Lunx cj^aPmax 
>KypHa/iOB. Xot a dpkg perMcrpMpyeT Bee onepauMM, Bbino/iHaeMbie Ha 
OTAe/ibHbix naiceTax mar 3a waroM, aptitude AaeT 6o/iee LUMpoKMPi 
o63op onepauMPi Bbicoicoro ypoBHA, Ta kmx iok o6mecMCTeMHoe 
o6HOBneHne. 

Ho 6yAbTe oneHb BHMMaTe/ibHbi, t.k. btot c^aPin >KypHa/ia coagp>kmt 
TO/ ibKO cBOAKy onepaqMPi, Bbino/iHeHHbix aptitude. Ec/im 
ncno/ib3yK)TC5q ApyrHe MHTepc^ePicbi (m/im Aa>Ke caM dpkg), to wypHa/i 
aptitude 6yAeT coAepwaTb TO/ibKO nacTMHHbiPi bma onepauMPi, noaTOMy 
Bbi He MO>KeTe no/iaraTbca Ha Hero, HTo6bi BbicrpoMTb AOCTOBepHyK) 
MCTOpMK) CMCTeMbl. 


Synaptic 


Synaptic flBrmeTCfl rpacjDMHecKMM MeHeAwepoM naiceTOB, KOTopbiM 
HMeeT HMCTbiM m acfjcjDeKTMBHbiM rpacj^MnecicMPi MHTepc|3ePic (cm. Pmc. 
8.2, «MeHeA>Kep naiceTOB Synaptic» [cTp. 194]) Ha ocHOBe GTK + m 
GNOME. B HeM cymecTByeT mhokcctbo roTOBbix k ncno/ib30BaHMK) 
(|)M/ibTpoB, KOTopbie o6ecnenMBaK)T 6bicTpbiPi AOCTyn k HOBbiM 
naxeTaM, ycTaHOB/ieHHbiM naiceTaM, o6HOB.rmeMbiM naiceTaM, 
ycTapeBmMM naxeTaM m t. a- Ec/im Bbi npocMaTpMBaeTe btm cnMCKM, 
Bbi MO>KeTe Bbi6paTb onepauMM, KOTopbie AO/i>KHbi Bbino/iHATbca b 
naxeTax (ycraHOBica, o6HOB/ieHMe, yAa/ieHMe, OHMineHMe); btm 
onepauMM Bbino/iHflKrrcfl He cpa3y, ho ohm 3aHOc?iTCfl b cnMcox 3aAaH. 
Oamh me/iHOK Ha KHonice 3anycKaeT npoBepicy onepauMM, m ohm 
B bino/iH5iK)TC?i cpa3y >Ke. 
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Synaptic Package Manager 


Fie Edit Package Settings Help 


<i* er 

Reload Mark All Ubae 


*w‘y 


(2 

Properties 




AU 


Installed Version 

Latest Version 

Description 

be tailed 

\me> kbo_ 

1 l&H 

1 IS 5-2 

UnuK console font and key tab.e utilities 

retailed (ma-tjji) 


1 116 


KULg-imiiM-mn.i.n'i 

ns tailed (upgradable) 

1 P klibc utt* 

2 0 4? 

2 0 4? 

*-all utiites built weh Idibc fo* early bo 

Not installed 

1 P kmod 

18-3 

16-3 

tools for managng bnutt kernei modules 

Not installed (residue! config) 

O P IrtS-locjlM 

1 12 l + dftg-16 

1 12 lt-dTsg-17 

hncerrutcrvaUutcn support for MIT Kerb' 


P Uptop datKl 

0137 

013 7 

attempt to d»t»i t * up top 


B P l.» 

454-3 

454-3 

□eoer program smta to more 


Sections 


Ongn 


Custom Filters 


Search Results 


system-wide keyboard preferences P 

Get Changetog 


Gel Scr* 


(Shot 


Thu package mirtar* the keyboard preference* n 
/etc/defaultiVeyboard Othe- package* can use the rformabon 
provided by the package m order to configure the keyboard on the 
console or n X Wntow 


Art Mac lure 

1607 packages listed. 1607 installed 0 broken 5 to inttaUfupgrada. 1 to remove. 255 kfi <*11 be freed 


PucyHOK 8.2 MeneayKep naKeTOB synaptic 


8.3 Aono/iHkiTe/ibHan HacrpoMxa m ncno/ib30BaHne APT 

Tenepb npmu/io BpeMA norpy3MTbCjR b 6o/iee c/io>KHbie TeMbi. Bo- 
nepBbix, Mbi paccMOTpMM pacLunpeHHyK) KOHc^nrypaunK) APT, KOTopaa 
no3BonnT BaM ycraHOBi/iTb 6o/iee nocTO^HHbie napaMeTpbi, KOTopbie 
6yflyT npi/iMehmTbCfl k 1/iHcrpyMeHTaM APT. 3aTeM Mbi noKa>KeM BaM, 
KaK ynpaB/ifiTb npnopnTeTaMM naKeTOB, hto OTKpoeT HaM ABepb unn 
AOnO/lHMTenbHOM HaCTpOMKM, n0/lb30BaTe/lbCKMX 06 H 0 B/ieHl/M M 
MOAepHM3ai4MM. Mbi TaK>Ke noKa>KeM, KaK o6pamaTbCfl c HecKO/ibKMMM 
AMCTpn6yTMBaMM, HT 06 bl Bbl M0r/1M HaHaTb 3KCnepHMeHTkipOBaTb c 
naKeTaMM, nocTynaiomuMH M3 ApyrMx AncTpn6yTMB0B. 3aTeM Mbi 
paccMOTpuM, KaK OTc/ie>KMBaTb aBTOMaTMHecKM ycTaHOBneHHbie 
naKeTbi, hto no3BO/ii/iT BaM ynpaBrmTb naKeTaMH, KOTopbie 
ycTaHaB/iMBaK)TC?i nepe3 3aBMCMM0CTM. Mbi T3K>Ke o6t3?ichmm, k3kmm 
o6pa30M noAAep>KKa multiarch AaeT HaM B03M0>KH0CTb 3anycKa 
naKeTOB, co3AaHHbix A-nfl pa3/ii/iHHbix annapaTHbix apxMTeKTyp. \A 
noc/ieAHee, ho He MeHee Ba>KHoe: Mbi o6cyAHM Kpi/inTorpacjDMHecKMe 
npoTOKO/ibi m yTnnnTbi, KOTopbie no3BO/iaT BaM npoBepMTb 
noA/inHHOCTb Ka>KAoro naKeTa. 
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8.3.1 HacTpotiKa APT 


llepeA TeM KaK Mbi ymy6MMCfl b M3yneHMe Toro, KaK HacrpoMTb APT, 
AaBaPiTe noTpaTMM HeMHoro BpeMeHM m o6cyAHM MexaHH3M 
KOHc^MrypauMn cMcreMbi Debian. B TeneHMe A-nuTe/ibHoro BpeMeHM 
HacTpoMKa npoBOAH/iacb cneuMa/ibHO 3aToneHHbiMM noA bto 
cJ^aM/iaMM. OAHaKO b coBpeMeHHbix Linux cMCTeMax, BpoAe Debian m 
Kali, AnpeKTopMM KOHcjDMrypauMM c cycj^MKcoM .d Mcno/ib3yK)TCfl Bee 
name m name. KawAaa AnpeKTopMfl npeACTaBrmeT co6om cj^aMn 

KOHCjDMrypaUMM, KOTOpbIM B CBOK) OHepeAb pa36MT Ha MHO>KeCTBO 
c^ai/moB. B 3tom cMbic/ie Bee c^ai/mbi b /etc/apt/apt.conf.d/ 
Mcno/ib3yK)TCfl A-n^ HacrpoMKM APT. APT o6pa6aTbiBaeT c^aM/ibi b 
a/icf>aBMTHOM nop^AKe, tbkmm o6pa30M, hto 6o/iee no3AHMe c^ai/mbi 
MoryT M3MeH?iTb aneMeHTbi KOHcfjMrypaqMM, onpeAeneHHbie b 6o/iee 
paHHMx c^ai/max. 

3Ta CTpyKTypa npeAOCTaBrmeT onpeAeneHHyK) rM6KOCTb 
aAMMHMCTpaTopy m TeM, kto 3aHMMaeTCjR noAAep>KKOM naKeTOB, 
no3BO/ifi5q mm npoM3BOAHTb M3MeHeHMfl b HacTpoPiKax nporpaMMHoro 
o6ecneneHMjR c noMombK) Ao6aB/ieHMfl c^ai/moB 6e3 Heo6xoAHMOCTM 
M3MeHeHMa y>Ke cymecTByKDmero cjDaM/ia. 3to oco6eHHO none3HO A-rm 
Tex, kto 3aHMMaeTca noAAsp>KKOM naKeTOB, noTOMy hto ohm MoryT 
Mcno/ib30BaTb 3tot noAXOA A-n^ aAanTaqMM KOHcf)MrypaMMM Apyroro 
nporpaMMHoro o6ecneneHMfl, HTo6bi rapaHTMpoBaTb, hto oho 6e3 
npo6/ieM cMO>KeT cocymecTBOBaTb c ApyrMM nporpaMMHbiM 
o6ecneneHMeM, He Hapyuiafl no/iMTMKM Debian, KOTopaa b cbokd 
onepeAb CTporo 3anpemaeT M3MeHeHMe KOHcfjMrypaqMM c|3aM.noB 
ApyrMx naKeTOB. B/iaroAapa MexaHM3My .d KOHcjDMrypauMM BaM He 
Hy>KHO BpyHHyK) C/ieAOBaTb MHO>KeCTBy MHCTpyKMMM no HaCTpOMKe 
naKeTOB, KOTopbie o6biHHO HaxoAflTCfl b cj^aM/ie naKeTa 
/usr/share/doc/package /README.Debian, t.k. ycTaHOBLUMK MO>KeT 
o6pamaTbCfi k (^ai/my KOHcfjMrypauMM. 


ByflbTe ocTopo>KHbi c 4>aM/iaMM KOncfjHrypauMM, KOTopbie 6 burn 
C03flaHbl B .d AMpeKTOpMM 

Xot n APT MMeeT BCTpoeHHyK) noAAsp>KKy cBoero KaTa/iora 
/etc/apt/apt.conf.d, bto He BcerAa TaK. fl/i n HeKOTopbix npM/io>KeHMM 
(HanpMMep, Ann exim), AnpeKTopMA .d nsnnejcn oco6biM 
Aono/iHeHMeM Debian, KOTopoe Mcno/ib3yeTCfl b KanecTBe bxoas Ann 
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AMHaMMHecKoro co3AaHkm KaHOHMHecKoro ct>an.na KOHcJ^nrypaunn, 
ncnonb3yeMoro npn/io>KeHneM. B TaKi/ix cnynaflx naiceTbi 
n peAOCTa b/i 9 \ k>t KOMaHAy "update-*" (HanpnMep: update- 
exim4.conf), KOTopaa noc/ieAOBaTe/ibHO coeAHHMT c^an/ibi M3 .d 
AnpeKTopnn n nepe3anmueT ochobhom c^aki/i KOHcf)nrypai4nn. 

B noAo6Hbix cMTyaui/mx Bbi hm b KoeM c/iynae He AO/i>KHbi BpyHHyio 
peAa kth poBaTb ochobhom cj^an/i KOHcj^nrypaunn, t.k. Banin n3MeHeHHjR 
6yAyT noTepjRHbi noc/ie c/ieAyiomero 3anycKa KOMaHAbi update-*, a 
Taioxe Bbi HnKorAa He AO/i>KHbi 3a6biBaTb 3anycKaTb npeAbiAymyK) 
KOMaHAy noc/ie peAaKTnpoBaHi/m c^an/ia n3 .d AnpeKTopnn (n/in Banin 
n3MeHeHnfi He 6yAyT ncno/ib30BaTbC5i). 


Tenepb BOopy>KnBnincb noHnMaHneM MexaHH3Ma .d KOHc^nrypaunn, 
AaBanTe noroBopnM o tom, KaK Bbi MOweTe ncno/ib30BaTb bto A-rm 
HacTponKn APT. KaK Mbi y>xe o6cyAn/in, Bbi MO>KeTe n3MeH?iTb 
noBeAeHne APT c noMonibio dpkg apryMeHTOB KOMaHAHon CTpoKn, KaK 
b 3tom npnMepe, KOTopbin Bbino/iHfleT npnHyAnTe/ibHyio nepe3anncb 
ycTaHOBKn zsh: 


# apt -o Dpkg::Options::="*-force-overwrite" install zsh 


OneBnAHO, hto bto AOBO/ibHO rp0M03AK0, oco6eHHO ec/in Bbi 
ncno/ib3yeTe onunn Macro, ho Bbi TaK>xe MO>KeTe ncno/ib30BaTb 
CTpyKTypy KOHcj^nrypaunn .d AnpeKTopnn A-nfl HacTponKn 
onpeAeneHHbix acneKTOB APT, nyTeM Ao6aB/ieHnfl aupgkthb b 4>an/ibi 
b AnpeKTopnn /etc/apt/apt.conf.d/. HanpnMep, 3Ta (n MHorne 
Apyrne) AnpeKTnBbi MoryT c nerKOCTbio 6biTb Ao6aB/ieHbi k cranny b 
/ etc/apt/apt.conf.d/. I/Ima btoto (patina HecKO/ibKO npon3BO/ibHO, ho 
o6ninM yc/iOBHbiM o6o3HaneHneM AB/ifleTca ncno/ib30BaHne /in6o 
local, /in6o 991ocal: 


$ cat /etc/apt/apt.conf.d/99local 

Dpkg::Options { 

" - - force-overwrite"; 

} 

CyniecTByeT AOBO/ibHO MHoro Apyrnx no/ie3Hbix onqnn KOHcf/nrypaunn 
n Mbi, k co>Ka.neHHK), He cmokcm 3aTpoHyTb nx Bee. TeM He MeHee, 
OAHy H3 HHX Mbi 06cyAHM. Ty, KOTOpafl OTHOCnTCJl K CB513aHHOCTn 
y3/iOB b ceTH. HanpnMep, ec/in Bbi nMeeTe AOCTyn k nHTepHeTy TO/ibKO 
nepe3 npoKcn, Ao6aBbTe CTpoKy BpoAe Acquire::http::proxy "http- 
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Hyourproxy: 3128". Ana npoKcn FTP ncno/ib 3 yMTe 

Acquire: :ftp:: proxy "ftp*. Hyourproxy". 

HTo6bi y3HaTb 6ojibi±ie 06 onpi/mx HacrponKn, Mbi peKOMeHflyeM BaM 
npoHMTaTb cTpaHMpy pyKOBOACTBa k apt.conf(5) c noMombK) KOMaHAbi 
man apt. Conf. 


8.3.2 YnpaBAeHne npHopmeiaMM naKeTOB 

Oahum H3 caMbix BawHbix acneKTOB b KOH^MrypaqnM APT flBrmeTca 
ynpaBneHne npnopnTeTaMn, cB?i3aHHbiMn c KawAbiM hctohhukom 
naKeTOB. HanpnMep, Bbi MO>KeTe 3axoTeTb pacuinpi/iTb cbokd Kali 
Rolling cncTeMy Ha oahh n/in ABa 6o/iee HOBbix naKeTa Debian 
Unstable n/in Debian Experimental. TaKwe bo3mo>kho Ha3Hani/iTb 
npnopnTeT A-n^ Ka>KAoro AOCTynHoro naKeTa (oahh h tot we naKeT 
MOWeT HMeTb HeCKO/lbKO npi/IOpi/ITeTOB B 3aBHCHMOCTH OT erO BepCMM 
n/in ot AHCTpn6yTMBa, npeAOCTaBMBLuero ero). 3th npnopnTeTbi 6yAyT 
B/in^Tb Ha noBeAeHHe APT: A-rm KawAoro naKeTa oh BcerAa 6yAeT 
Bbl6npaTb BepCMK) C HaMBbICLUMM npMOpHTeTOM (3a MCK/lK)HeHHeM 
c/iynaeB, KorAa 3Ta Bepcna crapiue ycTaHOB/ieHHOH, a ee npnopnTeT 
MeHbiue 1000). 

APT onpeAe/iaeT HecKO/ibKO npnopnTeTOB no yMO/inaHi/iK). KawAbin 
ycTaHOB/ieHHa^i Bepci/m naKeTa 06 /iaAaeT npnopnTeTOM paBHbiM 100. 
HeycTaHOBneHHafl Bepcna nMeeT npnopnTeT 500 no yMO-nnaHHK), ho 
OHa MOweT M3MeHMTbCJR Ha 990, ecrm AB/iaeTCfl nacTbK) qe/ieBoro 
BbinycKa (onpeAeneHHOH c noMombK) onunn kom3hahoh crpoKH -t 
n/in APT::Default-Release AnpeKTHBOH KOH^nrypaunn). 

Bbi MOweTe M3MeHATb npnopnTeTbi nyTeM Ao6aB/ieHi/ifl 3anncen b 
c^an/i /etc/apt/preferences c HMeHaMH noBpewAeHHbix naKeTOB, nx 
Bepcnen, hx npon3BOAHTeneM n hx HOBbiM npnopnTeTOM. 

APT HMKorAa He ycraHOBMT 6onee CTapyK) Bepcnio naKeTa (HMeeTCfl 
BBHAy naKeT, Hbj r Bepcna AB/iaeTCfl 6o/iee crapon no OTHOLueHHK) k 
cymecTByKDmeM Bepcnn ycTaHOB/ieHHoro naKeTa) 3a HCK/noHeHneM 
Tex c/iynaeB, KorAa ee npnopnTeT Bbime 1000. APT BcerAa 6yAeT 
ycTaHaBnMBaTb naKeT c caMbiM bhcokhm npnopnTeTOM, KOTopbin 
Bbime yKa3aHHon MMc^pbi. Ec/in y AByx naKeTOB OAHHaKOBbin 
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npi/iopi/iTeT, APT ycTaHOBMT caMbiM HOBbiPi (nei/i HOMep Bepcm/i caMbiM 
BbicoKMM). Ecni/i ABa naKeTa MMeK)T OAHHaKOByK) BepcMK) m 
npMOpMTeT, HO OT/lMMaK)TCfl CBOMM COAep>KaHMeM, APT ycTaHOBMT Ty 
BepcMK), KOTopaa eiue He 6bma ycraHOB/ieHa (bto npaBM/io 6bmo 
co3AaHO A-nfl toto, MTo6bi 3aTparnBaTb c/iynan, KorAa naKeT 
o6HOBM/icfi, ho He o6hobm/ic5i HOMep ero BepcMM). 

Bonee KOHKpeTHO, naKeT, npnopnTeT KOToporo MeHbiue 0, HMKorAa He 
6yAeT ycTaHOB/ieH. flaKeT c npnopnTeTOM b Anana30He ot 0 ao 100 
6yAeT ycTaHOBneH TO/ibKO b tom c/iynae, ec/iM Apyraa BepcMK naKeTa 
eme He 6bma ycraHOB/ieHa. ripn npnopnTeTe ot 100 ao 500 naKeT 
6yAeT ycTaHOBneH TO/ibKO b tom c/iynae, ec/iM b ApyroM AncTpn6yTHBe 
HeT ApyroPi 6o/iee hobom Bepcm/i, ycTaHOB/ieHHOM m/im AOcrynHOM. 
naKeT npnopnTeTOB Me>KAy 501 h 990 6yAeT ycraHOB/ieH TO/ibKO b 
tom cnynae, ecni/i HOBaa BepcMK He ycraHOB/ieHa m/im HeAOCTynHa b 
ue/ieBOM AncTpn6yTHBe. naKeT c npnopnTeTOM ot 990 ao 1000 6yAeT 
ycTaHOB/ieH b c/iynae, ec/iM cymecTByKDmaa BepcMK flBrmeTCfl 6onee 
CTapoPi. npnopnTeT, npeBbiniafomuM 1000, BcerAa npMBeAOT k 
ycTaHOBKe naKeTa, Aa>Ke ec/iM oh 3acTaBHT APT nepeMTM Ha 6o/iee 
paHHKDK) BepCMK). 

KorAa APT npoBepaeT /etc/apt/preferences, oh cHana/ia ynMTbiBaeT 
Han6o/iee KOHKpeTHbie 3anncn (Macro yKa3biBaK>mne 
cooTBeTCTByKDLUHM naKeT), 3aTeM 6onee o6mne (b tom MMcne, 
HanpMMep, Bee naKeTbi AncTpn6yTMBa). Ec/im cymecTByeT HecKO/ibKO 
o6lumx 3anncePi, ncno/ib3yeTc?i nepBoe cooTBeTCTBHe. /locrynHbiM 
KpHTepkiPi Bbi6opa BK/iK)HaeT b ce6a mma naKeTa m mctomhmk, KOTopbiM 
ero npeAOCTaBH/i. KawAbiPi mctomhmk naKeTa MAeHTMcj^MUMpoBaH 
MHcjDopMauMeM coAep>KameMCfi b cJ^aM/ie Release, KOTopbiM APT 
3arpy>KaeT BMecTe c c^aPmaMH Packages. 3tm cjoan/ibi o6biMHO 
yKa3biBaK)T hctomhmk, "Kali" A-rm naKeTOB c oc^MUMa/ibHbix 3epKan Kali 
m «Debian »A-rm naKeTOB c ocf)MMMa/ibHbix 3epKan Debian, ho 
MCTOMHMKOM T3 K>Ke MO>KeT 6blTb H33BaHMe OpraHM3ai4MM, MM 9\ 
Me/iOBeKa m/im >Ke H33BaHMe KaKMx-/iM6o Apyrnx peno3MTopMeB. OaM/i 
Release TaK>Ke npeAOCTaBrmeT Ha3BaHMe AncTpM6yTMBa BMecTe c ero 
BepcMePi. Tenepb, AaBaPiTe no3HaKOMMMca c ero cmht3kcmcom Ha 
npMMepe pea/ibHoro c/iyMaa, A-rm 6onee no/iHoro noHMMaHMA 
MexaHM3Ma. 


ripnopuTeT Kali-Bleeding-Edge n Debian Experimental 
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Ec/im Bbi yKa3ann kali-bleeding-edge m/im Debian experimental b 
BameM Rapine sources.list, to cooTBeTCTByioiAMM naKeT npaKTMnecKM 
HMKorAa He 6yAeT ycraHOB/ieH, noTOMy hto mx APT npnopnTeT no 
yMO/inaHHK) 1. 3to, 6e3yc/iOBHO, oco6eHHbii/i c/iynaPi, KOTopbiPi 6bm 
3aAaH cneqHa/ibHO A-rm toto, HTo6bi npeAOTBpaTHTb no/ib30BaTe/iei/i 
ot olum6ohhom ycTaHOBKM bleeding edge naiceTOB. llaKeTbi MoryT 6biTb 
ycTaHOB/ieHbi TO/ibKO nyTeM bboas apt install package/kali-bleeding- 
edge, npeAno/iaraa, kohchho, hto Bbi no/iHOCTbK) oco3HaeTe pmckm h 
noTeHui/ia/ibHbie npo6/ieMbi «>km3hm Ha KpaK)» (life on the edge), no- 
npe>KHeMy bo3mo>kho (xota m He peKOMeHAyeTCfl) o6pa6aTbiBaTb 
naKeTbi kali-bleeding-edge/experimental, aHa/iorMHHO naKeTaM M3 
Apyrkix AHCTpn6yTMBOB, npeAOCTaB/iflfl mm npnopMTeT 500. 3to 
Ae/iaeTca c noMOLUbio KOHKpeTHOM 3anMCM b /etc/apt/preferences: 


Package: * 

Pin: release a=kali-bleeding-edge 
Pin-Priority: 500 


flaBaMTe npeAno/io>KMM, hto Bbi Bcero rmuib xoTMTe Mcno/ib30BaTb 
naKeTbi Kali m >Ke/iaeTe, HTo6bi naKeTbi Debian ycraHaB/iMBa/iMCb 
TO/ibKO npM abhom 3anpoce. Bbi MO>KeTe HanncaTb c/ieAyK>myK) 3anMCb 
b cj^aM/ie /etc/apt/ preferences (m/im b /ik>6om ApyroM c^ai/me b 
/etc/apt/preferences.d/): 


Package: * 

Pin: release o=Kali 
Pin-Priority: 900 

Package: * 

Pin: release o=Debian 
Pin-Priority: -10 


B noc/ieAHMx AByx npMMepax Bbi BCTpena/iM a = kali-bleeding-edge, 
hto o6o3HanaeT hmji Bbi6paHHoro AncrpM6yTMBa, a Ta K>Ke Bbi momm 
BMASTb o=Kali m o=Debian, hto b cbokd onepeAb orpaHMHMBaeT cc^epy 
Ae^Te/ibHOCTM naKeTOB, HbMM mctohhmkom AB.rmK)TCfl Kali m Debian, 
COOTBeTCTBeHHO. 

Tenepb AaBaPiTe npeAno/io>KMM, hto y Bac ecTb cepBep c HecKO/ibKMMM 
nOKa/lbHblMM npOrpaMMaMM, KOTOpbie HaXOAATCfl B 3aBMCMMOCTM OT 
BepcMM Perl 5.22 m Bbi, COOTBeTCTBeHHO, xoTMTe y6eAHTbca b tom, hto 
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o6HOB/ieHMe He ycraHOBHT ApyryK) Bepcnio. Bbi MO>KeTe ncno/ib30BaTb 
cne,ayK)myK) 3anncb. 


Package: perl 
Pin: version 5.22* 
Pin-Priority: 1001 


CnpaBOHHaa AOxyMeHTaqi/m fl/isq 3Toro ct>ai/i.na xoHc|3nrypaMMn 
AOCTynHa Ha crpaHi/iue pyxoBOACTBa apt_pref erences (5), KOTopyK) 
Bbi MO>KeTe BbiBecTH Ha aicpaH c noMombK) KOMaHAbi man 
a pt_p references. 


flo6aB/ieHne KOMMenTapMee b /etc/apt/preferences 

B /etc/apt/preferences He cymecTByeT oc^Mui/ia/ibHoro ci/iHTaxci/ica 
A-na KOMMeHTapneB, ho HeKOTopbie TeKCTOBbie onMcaHMjR MoryT 6biTb 
npeAOCTaB^eHbi nyTeM Ao6aB/ieHi/m oahoto m/ii/i Hecxo/ibxi/ix no/ien 
Explanation b xa>xAyx> 3anncb: 


Explanation: The package xserver-xorg-video-intel provided 
Explanation: in experimental can be used safely 
Package: xserver-xorg-video-intel 
Pin: release a=experimental 
Pin-Priority: 500 


8.3.3 Pa6oia c HecKOAbKMMM A,i/icTpM6yTMBaMM 

YHi/iTbiBaa, hto apt AB-rmeTca Taxi/iM 3aMeHaTe/ibHbiM MHcrpyMeHTOM, 
Bbi, cKopee Bcero, 3axoTMTe norpy3MTbCfl h HanaTb 
3KcnepnMeHTnpoBaTb c naxeTaMM, nocrynaiOLUHMi/i H3 Apyrwx 
AncTpn6yTHBOB. HanpnMep, noc/ie ycraHOBxn cMcreMbi Kali Rolling, 
Bbi MOweTe nonpo6oBaTb naxeT nporpaMMHoro o6ecneHeHi/m, 
AOCTynHbiPi b Kali Dev, Debian Unstable urm Debian Experimental, He 

C/1MLUXOM CM/lbHO OTAarmflCb OT HCXOAHOTO COCTOflHMfl CMCTeMbl. 

fla>xe ec/in Bbi BpeMA ot BpeMeHn cranxi/iBaeTecb c npo6neMaMM, 
xorAa Bbi cMeniHBaeTe naxeTbi M3 pa3/iMHHbix AncTpn6yTHBOB, apt 
ot/imhho cnpaB/iaeTCJR c Taxoro poAa cocymecTBOBaHneM h oneHb 
3Cj3Cf)eXTMBHO OrpaHMHMBaeT PMCXM (npM yC/lOBHM, HTO 3aBHCMMOCTM 
naxeTOB TOHHbi). CHana/ia nepeHnc/iMTe Bee AncTpn6yTMBbi, 
ncnonb3yeMbie b /etc/apt/sources, list, m 3aTeM onpeAe/ii/rre 
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AMCTpn6yTHB, Ha KOTopbii/i Bbi ccbmaeTecb c noMombK) napaMeTpa 
APT:: Default-Release (cmotpm pa3Aen 8.2.3, «06HOB/ieHne Kali 
Linux» [cTp. 179]) 

flaBakue npeAno/io>KMM, hto Kali Rolling AB/iaeTCfl BaniMM ccbmoHHbiM 
AncTpn6yTMBOM, ho Kali Dev m Debian Unstable Tai<>Ke yKa3aHbi b 
BameM c^aPine sources.list. B btom cnynae Bbi MO>KeTe ncno/ib30BaTb 
apt install pac/cage/unstable A-rm ycraHOBKM naKeTa H3 Debian 
Unstable. Ec/im ycTaHOBKa 6bma npepBaHa BBHAy HeKOTopbix 
HeyAOB/ieTBopj^eMbix 3aBMCMMOCTePi, no3BO/ibTe ePi pa3pei±iMTb btm 
3aBMCMMOCTM b Unstable nyTeM Ao6aB/ieHMfl napaMeTpa -t unstable. 

B AaHHoPi cMTyauMH, o6HOB/ieHMfi (upgrade m full-upgrade) 
Bbino/iHeHbi b npeAe/iax Kali Rolling 3a MCK/uoneHMeM naKeTOB, 
KOTopbie y>Ke 6bmn o6HOB/ieHbi b ApyroM AncTpn6yTMBe: ohm 6yAyT 
npoAO/i>KaTb c/ieAOBaTb o6HOB/ieHMflM, AOcrynHbiM b Apyrnx 
AMCTpM6yTMBax. Mbi obtflCHUM 3 to noBeAeHMe c noMombK) 
npMopMTeTOB no yMO/inaHMio BbicraB/ieHHbix APT HM>Ke. He 
CTecHjRpiTecb Mcnonb30BaTb apt-cache policy (cm. BcraBKy 
«Mcno/ib30BaHMe apt-cache policy» [cTp. 199]) A-rm npoBepKM 
3aAaHHbix npMopMTeTOB. 

Bee onMpaeTCJR Ha to, hto paccMaTpMBaeT /lMiiib naKeTbi, KOTopbie 
Bbiiiie m/im paBHbi BepcMM ycTaHOB/ieHHoro naKeTa (npn yc/iOBMM, hto 
/etc/apt/preferences He Mcno/ib3yeTCfl A-rm ct>opcMpoBaHMfl 
npMopMTeTOB BbiLue 1000 A-rm HeKOTopbix naKeTOB). 


l/lcno/ib30BaHMe apt-cache policy 

Ana no/iyneHMA ziynLuero noHMMaHMA MexaHM3Ma npMopMTeTHOCTM, He 
crecHflPiTecb Bbino/iHATb apt-cache policy A-rm toto, HTo6bi OTo6pa3MTb 
npMOpMTeTHOCTb nO yMO/lHaHMK) CBfl3aHHyK) C K3>KAblM mctohhmkom 
naKeTa. Bbi TaK>Ke MO>KeTe Mcno/ib30BaTb apt-cache policy package 
A-na OTo6pa>KeHMfl npMopMTeTOB Bcex AOCTynHbix BepcnPi 3aAaHHoro 
naKeTa. 


flaBaPiTe npeAno/io>KMM, hto Bbi ycraHOBM/iM BepcMio 1 nepBoro 
naKeTa M3 Kali Rolling m hto BepcMfl 2 m 3 AOCTynHbi cooTBeTCTBeHHO 
b Kali Dev m Debian Unstable. ycTaHOB/ieHHafl BepcMfl 06/iaAaeT 
npMopMTeTOM 100, a BepcMfl AOCTynHaa b Kali Rolling (a6co/iK)THO 
TaKan >Ke) 06/iaAaeT npMopMTeTOM 990 (BBMAy Toro, hto OHa AB.rmeTCfl 
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nacTbK) ue/ieBoro BbinycKa). naKeTbi b Kali Dev n Debian Unstable 
o6naflaK)T npnopnTeTOM 500 (npnopnTeT no yMO/iHaHmo He 
ycTaHOB/ieHHOM BepcMH). TaKMM o6pa30M, no6eAHTe/ieM b btom 
CMTyauMM BbiPiAeT Bepci/m 1 c npnopnTeTOM b 990. naKeT ocraeTCfl b 

Kali Rolling. 

flaBanTe npMBeAeM ApyroPi npMMep c naKeTOB Bepcm/i 2, KOTopbiPi 6bm 
ycTaHOB/ieH H3 Kali Dev. Bepcna 1 flBrmeTCB AOcrynHoPi b Kali 
Rolling n Bepcnfl 3 AOCTynHa b Debian Unstable. Bepckia 1 (c 
npnopnTeTOM 990 - TaKMM o6pa30M HM>Ke neM 1000) OT6pacbiBaeTca, 
noTOMy hto OHa 06/iaAaeT 6onee hm3kmm npMopMTeTOM, neM 
ycTaHOB/ieHHaa Bepcna. OcraiOTCfl ABe BepcMM 2 m 3, o6e c 
npMopMTeTOM 500. B t3kmx c/iynafix APT Bbi6MpaeT caMyK) HOByK) 
BepcMK), Ty KOTopajR AOCTynHa b Debian Unstable. Ec/im Bbi He 
xoTMTe HTo6bi naKeT ycTaHOB/ieHHbiPi c Kali Dev nepeMecrn/icfl b 
Debian Unstable, BaM Hy>KHO Ha3HannTb npnopnTeT MeHbiue 500 
(HanpMMep, 490) A-rm naKeTOB, nocrynaiOLunx c Debian Unstable. 
Bbi MO>KeTe M3MeHMTb /etc/apt/preferences A-rm btoto acj^eKTa: 


Package: * 

Pin: release a=unstable 
Pin-Priority: 490 


8.3.4 ABTOMaTi/mecKoe OTCAe>KMBaHMe ycTaHOBAeHHbix naKeTOB 

Oahom m 3 cymecTBeHHbix c^yHKunPi apt flBrmeTCfl OTc/ie>KMBaHMe 
naKeTOB, ycTaHOB/ieHHbix TO/ibKO nepe3 3aBMCMMOCTb. TaKMe naKeTbi 
H33blBaK)TCB aBTOMaTHVeCKHMH (automatic) M HaCTO BK/lK)HaK)T B 

ce6a 6M6/iMOTeKM. 

C 3tom MHcfjopMauneM, KorAa naKeTbi yAa/ieHbi, MeHeA>Kepbi naKeTOB 
MoryT BbNMc/iMTb cnMcoK aBTOMaTMnecKMx naKeTOB, KOTopbie 6o/ibi±ie 
He Hy>KHbi (noTOMy hto He cymecTByeT BpynHyio ycTaHOB/ieHHbix 
naKeTOB, KOTopbie 6bi no/iara/incb Ha hmx). KoMaHAa apt autoremove 
M36aBMTCjR ot 3tmx naKeTOB. Aptitude He MMeeT noAo6HOM KOMaHAbi, 
t.k. OHa yAa/iaeT btm naKeTbi aBTOMaTnnecKM, KaK TO/ibKO ohm 6yAyT 
MAOHTMCjDMUMpOBaHbl. BO BCeX C/iyHaflX MHCTpyMeHTbl OT 06 pa>KaK)T 
TOHHoe coo6meHMe c yKa3aHMeM 3aTpoHyTbix naKeTOB. 
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OneHb no/ie3Hafl npMBbiHKa OTMenaTb KaK aBTOMaTMnecKMM /ik)6om 
naKeT, KOTopbiPi BaM He HyweH HanpaMyio, HTo6bi ohm aBTOMaTMnecKM 
yAa/ia/iMCb, Kor^a ohm 6o/ibiiie He Hy>KHbi. Bbi MO>KeTe Mcno/ib30BaTb 
KOMaHfly apt-mark auto package A-rm MapKMpoBKM ashhoto naKeTa 
KaK aBTOMaTMnecKoro, TorAa KaK KOMaHAa apt-mark manual package 
Ae/iaeT o6paTHoe. aptitude markauto m aptitude unmarkauto 
pa6oTaK)TTOHHO TaK>Ke, xota ohm npeA-naraK)T 6o/ibiiie B03M0>KH0CTeM 
A.rm MapKMpoBKM cpa3y HecKO/ibKMx naxeTOB (cm. pa3Ae/i 8.2.7.1, 
«Aptitude» [CTp. 190]). KOHCO/lbHblM MHTepaKTMBHbIM MHTepcjDeMC 
aptitude Tao<e ynpomaeT npocMOTp OTMeTKM «aBTOMaTMnecKMM» Ha 
mhotmx naxeTax. 

Bo3mo>kho, BaM 3axoHeTca y3HaTb, noneMy b cMcreMe npMcyTCTByKDT 
aBTOMaTMnecKM ycTaHOB/ieHHbie naxeTbi. HTo6bi no/iyHMTb 3Ty 
MHCjDOpMaUMK) M3 KOMaHAHOM CTpOKM, Bbl MO>KeTe MCn0/lb30BaTb 

aptitude why package (apt m apt-get He MMeiOT noAo6HOM cfjyHKUMM): 


$ aptitude why python-debian 

i aptitude Recommends apt-xapian-index 

i A apt-xapian-index Depends python-debian (>= 0.1.15) 


8.3.5 McnoAb 30 BaHMe nc>AAep>KKM Multi-Arch Support 

Bee naxeTbi Debian MMeiOT none «ApxMTeKTypa» (Architecture) b mx 
ynpaB.rmK)meM MHcj^opMauMM. 3 to none MO>xeT coAepwaTb /im6o «Bce» 
("all" (A-rm Tex naxeTOB, KOTopbie He 3aBMORT ot apxMTeKTypbi 
CMCTeM)), /im6o mma apxMTeKTypbi, Ha KOTopyK) oh HaueneH 
(HanpMMep, amd64 m/im armhf). B nocneAHeM c/iynae, no yMO-nnaHMio, 
dpkg 6yAeT ycraHaB/iMBaTb naxeT mnbKO b tom c/iynae, ec/iM ero 
apxMTeKTypa cooTBeTCTByeT apxMTeKType xocra, hto bmaho Ha 
BbiBOAe KOMaHAbi dpkg -print-architecture. 

3to orpaHMneHMe rapaHTMpyeT, hto Bbi He nonyHMTe Mcno/iHfleMbie 
chaM/ibi, cKOMnM/iMpoBaHHbie ixnn HenpaBM/ibHOM apxMTeKTypbi. Bee 
6bmo 6bi MAea/ibHO, 3a MCK/iioneHMeM Toro, hto (HeKOTopbie) 
KOMnbKDTepbi MoryT 3anycKaTb Mcno/iHaeMbie chaPi/ibi A-nfl HecKO/ibKMx 
apxMTe KTyp, KaK cTa has Pth bi m cnoco6oM (cMCTeMa amd64 MO>xeT 
3anycKaTb Mcno/iHaeMbie cJoaM/ibi i386), TaK m nepe3 sMy/iflTopbi. 
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BK/iKDHeHkie Multi-Arch 


Multi-arch noAAep>KKa dpkg no3BO/iaeT no.nb30BaTe.rmM onpeAermTb 
BHeniHMe apxMTeKTypbi, KOTopbie MoryT 6biTb ycTaHOB/ieHbi b TeicymeM 
CMCTeMe. 3 to /ierKO CAe/iaTb c noMombK) dpkg -add-architecture, KaK 
b npMMepe HM>Ke, rAe apxMTeKTypa i 386 Aon>KHa 6biTb Ao6aB/ieHa b 
CMCT eMy amd64 A-rm 3anycKa npn/io>KeHMM Windows c 
ucno/ib30BaHneM Wine 30 . CymecTByeT cooTBeTCTByiomafl KOMaHAa 
dpkg -remove-architecture A-rm OTKa3a ot noAAep>KKM BHeniHePi 
apxMTeKTypbi, ho ee mo>kho ncno/ib30BaTb TonbKO TorAa, KorAa Ha 
BamePi cMCTeMe He ocra/iocb ycTaHOB/ieHHbix naKeTOB, OTHOCfuunxcfi 
K 3T0H apxMTeKTypbi. 

# dpkg --print-architecture 

amd64 

# wine 

it looks like wine32 is missing, you should install it. 
multiarch needs to be enabled first, as root, please 
execute "dpkg --add-architecture i386 & apt-get update & 
apt-get install wine32" 

Usage: wine PROGRAM [ARGUMENTS...] Run the specified program 
wine --help Display this help and exit 

wine --version Output version information and exit 

# dpkg --add-architecture i386 

# dpkg --print-foreign-architectures 

i386 

# apt update 

(...) 

# apt install wine32 

(...] 

Setting up libwine:i386 (1.8.6-5) ... 

Setting up vdpau-driver-all:i386 (1.1.1-6) ... 

Setting up wine32:i386 (1.8.6-5) ... 

Setting up libasound2-plugins:i386 (1.1.1-1) ... 

Processing triggers for libc-bin (2.24-9) 

# wine 

Usage: wine PROGRAM [ARGUMENTS...] Run the specified program 
wine --help Display this help and exit 

wine --version Output version information and exit 

# dpkg --remove-architecture i386 

dpkg: error: cannot remove architecture 'i386* currently in use by the database 

# dpkg --print-foreign-architectures 

i386 


30 https://www. winehq.org/ 
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APT aBTOMaTi/mecKi/i onpeAe/iMT, Kor^a dpkg 6bi/i HacTpoeH A-rm 
noAAep>KKM BHeniHMx apxMTeKTyp m HaHHeT cKaHMBam/ie 
cooTBeTCTByK)Lunx chaPi/iOB naKeTOB Ha npoTflweHMM npouecca 
o6HOB/ieHi/m. 

3aTeM MoryT 6biTb ycTaHOB/ieHbi BHeniHHe naKeTbi c noMombK) 
KOMaHAbi apt install package-.architecture. 


l/lcno/ib30Bai-me naTeHTOBaHHbix i386 Mcno/iHBeMbix 4>aMJiOB 
Ha amd64 

CymecTByeT MHO>KecTBO BapnaHTOB Mcno/ib30BaHMfl multi-arch, ho 
Han6o/iee nony/iapHbiM M3 hmx ABrmeTCfl B03M0>KH0CTb Bbino/iHeHMA 
32-pa3paAHbix 6nHapHbix c^aPi/iOB (i386) b 64-6nTHbix CMCTeMax 
(amd64), b HacmocTM, 6/iaroAapfl TOMy, hto HecKO/ibKO nony/iapHbix 
4)npMeHHbix npnno>KeHMPi (tokmx KaK Skype) npeAOCTaB/iflKrrcfl 
TO/lbKO B 32 pa3p?1AHblX BepCMflX. 


M3/vieHeHi/m, CBfl3aHHbie c Multi-Arch 


HTo6bi cAe/iaTb multi-arch pea/ibHO no/ie3HbiM m yAo6HbiM b 
ncno/ib30BaHnn, 6n6nnoTeKM AO/i>KHbi 6biTb nepenaiceTi/ipoBaHbi m 
nepeMemeHbi b cneuMa/ibHyio AnpeKTopi/iK) A-rm apxMTeKTyp t3kmm 
06pa30M, HT06bl HeCKO/lbKO 3K3eMn/iapOB (opMeHTMpOBaHHbIX Ha 
pa3Hbie apxMTeKTypbi) mot/im ycneniHO cocymecTBOBaTb Apyr c 
ApyroM. TaKkie o6HOB/ieHHbie naKeTbi coAep>KaT Multi-Arch: oaho m to 
>Ke none 3aronoBKa A-rm Toro, HTo6bi coo6mnTb cMcreMe 
naKeTnpoBaHM?i, hto pa3/iMHHbie apxMTeKTypbi naKeTa MoryT 
6e3onacHO cocymecTBOBaTb (m hto btm naKeTbi MoryT yAOB/ieTBopaTb 
TO/lbKO 3aBHCMMOCTM naKeTOB TaKOM >Ke apxMTeKTypbi). 
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$ dpkg -s libwine 

dpkg-query: error: --status needs a valid package name but 'libwine' is not: ambiguous 
** package name 'libwine' with more than one installed instance 

Use --help for help about querying packages. 

$ dpkg -s libwine:amd64 libwine:i386 | grep ~Multi 

Multi-Arch: same 
Multi-Arch: same 

$ dpkg -L libgccl:amd64 |grep .so 

(...) 

/usr/lib/x86_64-linux-gnu/wine/libwine.so.1 
$ dpkg -S /usr/share/doc/libwine/copyright 

libwine:amd64, libwine:i386: /usr/share/doc/libwine/copyright 


TaK>Ke ctomt OTMeTHTb, hto b Multi-Arch OAMHaxoBbie naKeTbi AO/i>xHbi 
MMeTb Ha3BaHMfl B COOTBeTCTBHM C MX apXMTeXTypOM TOTO, HT06bl 
MAeHTMcfjMUMpoBaTbc?) 6e3 npo6neM. 3tm naxeTbi Tax>xe MoryT 
coBMecTHO Mcno/ib30BaTb cf)aM/ibi c ApyrMMM 3K3eMn/iapaMM OAHoro m 
Toro >xe naxeTa; dpkg rapaHTMpyeT, hto Bee naxeTbi o6/iaAax)T 
OAMHaxoBbiMM nopa3p?)AHbiMM cjDaM/iaMM, xorAa noc/ieAHMe coBMecTHO 
Mcno/ib3yx)TCfi. Tax>xe, Bee 3X3eMn/iflpbi naxeTa AO/i>xHbi MMeTb OAHy 
m Ty >xe BepcMK), no3TOMy mx Heo6xoAMMO o6HOB/iflTb BMecTe. 

noAAep>xxa Multi-Arch npMHOCMT HexoTopbie MHTepecHbie TpyAHOCTM, 
Bbl3BaHHbie Cn 0 C 060 M, XOTOpbIM 06 pa 6 aTblBaK)TCfl 3aBMCMMOCTM. 
YAOB/ieTBopeHMe 33bmcmmoctm Tpe6yeT /im6o naxeTa OTMeneHHoro 
xax Multi-Arch: foreign m/im naxeTa, apxMTexTypa xoToporo 
COOTBeTCTByeT OAHOMy M3 naxeTOB, 06 _ bflB.TmK)LUMX 3aBMCMMOCTb (b 

3tom npoqecce BOccraHOB/ieHMA 3aBMCMMOcreM npeAno/iaraeTca, hto 
He3aBMCMMbie ot apxMTexTypbi naxeTbi MMeiOT Taxyio >xe apxMTexTypy 
hto m xoct). 3aBMCMMOCTb Tax>xe MO>xeT 6biTb oc/ia6/ieHa A-na Toro, 
HTo6bi no3BO/iMTb /ik)6om Apyroi/i apxMTexType Bbino/iHMTb ee c 
noMOLUbio packages io6om cMHTaxcMc, ho BHeniHMe naxeTbi MoryT 
yAOB/ieTBopMTb noAo6Hyio 3aBMCMMOCTb, ec/iM ohm OTMeneHbi xax 
Multi-Arch: allowed. 


8.3.6 npoBepxa noA/iMHHOCTM naxeTa 

06HOB/ieHMe cMCTeMbi npeACTaB/ifleT co6om oneHb yfl3BMMyio 
onepauMio, Tax hto Bbi AO/i>xHbi no/iHOCTbio y6eAMTbca, hto Bbi 
ycraHaB/iMBaeTe naxeTbi /iMiiib M3 ocjDMUManbHbix peno3MTopMeB Kali. 
Ec/im 3epxa/io Kali, xoTopoe Bbi Mcno/ib30Ba/iM, 6bmo B3/iOMaHO, to 
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ne/iOBeK, npofle/iaBLUMPi bto, 3axoneT Ao6aBHTb BpeAOHOCHbiPi koa bo 
Bno/iHe ce6e ocjDHUHa/ibHbiPi naiceT. lloAo6Horo poAa naKeT, b c/iynae 
ero ycTaHOBKM, cMO>KeT Ae/iaTb a6co/iK)THO Bee, hto b Hero 6bmo 
3a/io>KeHO B3/10MLUHK0M, BK/iKDHaa xHLueHne napo/iePi h/ih 
KOHC|3HAeHUMa/lbHOPi MHCj^OpMaUHM. fl/lfl TOTO HT06bl 06OMTM 3T0T pHCK 
Kali npeAOCTaB/ifleT 3ammneHHbiPi ot 3/iOHaMepeHHoro 
BMemaTe/ibCTBa n3onnpyK)mm^ c/ioPi - Ha BpeMA ycTaHOBKH - 
KOTOpbIM nOMO>KeT yAOCTOBepMTbCfl B TOM, HTO naKeT pea/lbHO 
npOHCXOAHT H3 OC^HUMa/lbHOrO HCTOHHMKa H He 6b 1/1 H3MeHeH KeM- 
/IH60 CO CTOpOHbl. 

I/I30/1 npyK)mnti c/iom pa6oTaeT c LienoHKoPi KpnnTorpac|DHHecKOH X3i±i- 
ctDyHKUMM h noAnncbK). noAnHcaHHbiPi c(oa m/i jiB/ifleTCJi Release 
c^aPi/iOM, npeAOCTaB/ieHHbiM 3epKa/iaMn Kali. Oh coAep>KHT cnncoK 
cjDaPi/iOB cjDaPi/iOBbix naKeTOB (BK/iKDnaji H3 c>KaTbie cjDopMbi, 
Packages.gz and Packages.xz, h HHKpeMeHTHbie Bepcm/i) BMecre c hx 
MD5, SHA1, h SHA256 xaiiiaMM, hto b cbokd onepeAb rapaHTnpyeT, 
hto cjoaM/ibi eme He 6bmn noABeprHyTbi BMemaTe/ibCTBy. 3th c^aPi/ibi 
naKeTOB coAepwaT cnncoK naKeTOB Debian, AOCTynHbix Ha 3epKa/ie, 
BMecTe c hx x3LiiaMM, KOTopbie rapaHTnpyK)T b cbokd onepeAb, hto 
naKeTbi caMH no ce6e eme He 6bmn n3MeHeHbi. 

flOBepeHHbie k/ikdhh ynpaB/uiKDTCJi KOMaHAoPi apt-key, KOTopaa 
HaxoAHTca b apt naKeTe. 3Ta nporpaMMa noAAep>KHBaeT 
o6mecTBeHHbie k/ikdhh keyring GnuPG, KOTopbie Hcno/ib3yK)TCJi A-na 
npoBepKH noAnncePi b cjDaPi/ie Release.gpg, AOCTynHOM Ha 3epKa/iax. 
Oh MO>KeT ncno/ib30BaTbCJi i\r\n Ao6aB/ieHHfl HOBbix K/iKDHen BpyHHyK) 
(KorAa BaM Heo6xoAHMbi Heoc|Dnuna/ibHbie 3epKa/ia). OAHaKO, KaK 
npaBH/10, Hy>KHbl TO/lbKO OCjDHUHa/lbHbie k/ikdhh. 3th k/ikdhh 
aBTOMaTHHeCKH nOAAepDKHBaKDTCJl B aKTya/lbHOM C0CT0J1HHH naKeTOM 
kali-archive-keyring (KOTopbiPi noMemaeT cooTBeTCTByKDmuPi 
keyrings b /etc/apt/trusted.gpg.d). OAHaKO, nepBaa ycTaHOBKa 
OTAe/ibHbix naKeTOB, Tpe6yeT oco6oro BHHMaHHJi: Aa>Ke ec/in naKeT 
noAnncaH KaK /ikd6oh ApyroPi, noAnncb He modkct 6biTb npoBepeHa 
H3BHe. OcTopo>KHbiH aAMHHHCTpaTop AO/i>KeH BcerAa 
HAeHTHCjDHUHpOBaTb HMnOpTHpyeMbie K/IKDHH, nepeA TeM K3K AOBepJITb 
HM H HaHHH3Tb yCT3H0BKy HOBbIX naKeTOB. 
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# apt-key fingerprint 

/etc/apt/trusted.gpg.d/debian-archive-jessie-automatic.gpg 


pub 4096R/2B90D010 2014-11-21 [expires: 2022-11-19] 

Key fingerprint = 126C 0D24 BD8A 2942 CC7D F8AC 7638 D044 2B90 D010 
uid Debian Archive Automatic Signing Key (8/jessie) <ftpmaster@debian.org> 

/etc/apt/trusted.gpg.d/debian-archive-jessie-security-automatic.gpg 


pub 4096R/C857C906 2014-11-21 [expires: 2022-11-19] 

Key fingerprint = D211 6914 1CEC D440 F2EB 8DDA 9D6D 8F6B C857 C906 
uid Debian Security Archive Automatic Signing Key (8/jessie) <ftpmaster@debian.org> 

/etc/apt/trusted.gpg.d/debian-archive-jessie-stable.gpg 


pub 4096R/518E17E1 2013-08-17 [expires: 2021-08-15] 

Key fingerprint = 75DD C3C4 A499 F1A1 8CB5 F3C8 CBF8 D6FD 518E 17E1 
uid Jessie Stable Release Key <debian-release@lists.debian.org> 

/etc/apt/trusted.gpg.d/debian-archive-squeeze-automatic.gpg 


pub 4096R/473041FA 2010-08-27 [expires: 2018-03-05] 

Key fingerprint = 9FED 2BCB DCD2 9CDF 7626 78CB AED4 B06F 4730 41FA 
uid Debian Archive Automatic Signing Key (6.0/squeeze) <ftpmaster@debian.org> 

/etc/apt/trusted.gpg.d/debian-archive-squeeze-stable.gpg 


pub 4096R/B98321F9 2010-08-07 [expires: 2017-08-05] 

Key fingerprint = 0E4E DE2C 7F3E 1FC0 D033 800E 6448 1591 B983 21F9 
uid Squeeze Stable Release Key <debian-release@lists.debian.org> 

/etc/apt/trusted.gpg.d/debian-archive-wheezy-automatic.gpg 


pub 4096R/46925553 2012-04-27 [expires: 2020-04-25] 

Key fingerprint = A1BD 8E9D 78F7 FE5C 3E65 D8AF 8B48 AD62 4692 5553 
uid Debian Archive Automatic Signing Key (7.0/wheezy) <ftpmaster@debian.org> 

/etc/apt/trusted.gpg.d/debian-archive-wheezy-stable.gpg 


pub 4096R/65FFB764 2012-05-08 [expires: 2019-05-07] 

Key fingerprint = ED6D 6527 1AAC F0FF 15D1 2303 6FB2 A1C2 65FF B764 
uid Wheezy Stable Release Key <debian-release@lists.debian.org> 

/etc/apt/trusted.gpg.d/kali-archive-keyring.gpg 


pub 4096R/7D8D0BF6 2012-03-05 [expires: 2018-02-02) 

Key fingerprint = 44C6 513A 8E4F B3D3 0875 F758 ED44 4FF0 7D8D 0BF6 
uid Kali Linux Repository <devel@kali.org> 

sub 4096R/FC0D0DCB 2012-03-05 [expires: 2018-02-02] 


Korfla b sources.list Ao6aB/ifleTCfl naiceT H3 Heoc^nuna/ibHoro 
HCTOHHUKa, APT AO/DKeH 6blTb yBeflOM/ieH 0 TOM, HTO OH MO>KeT 
AOBepflTb cooTBeTCTByKDineMy GPG K/iKDny ayTeHTi/icf)MKaunM (b 
npoTHBHOM c/iynae oh 6yAeT npoAO/i>KaTb wa/iOBaTbca, hto oh He 
MOweT rapaHTHpoBaTb noA-nMHHOCTb naiceTOB, nocrynaK)mnx H3 btoto 
peno3MTopi/m). nepBbiM maroM, 6e3yc/iOBHO, nBnnejcn no/iyneHHe 
ny6/ii/iHHoro K/iKDna. Maine Bcero k/ikdh 6yAeT npeAOCTaB/ieH b BHAe 
He6o/ibiuoro TeKCTOBoro cjDaM/ia, KOTopbiPi Mbi 6yAeM Ha3biBaTb 
key.asc b c/ieAyK)mnx npMMepax. 

Ann toto HTo6bi Ao6aBHTb kiikdh k AOBepeHHOMy keyring, 
aAMMHMCTpaTop AO/i>KeH 3anycTHTb run apt-key add < key.asc. 
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flpyrMM cnoco6oM AB.rmeTCfl ncno/ib30BaHne rpa<t>MHecKoro 
MHTepc|)eMca synaptic: ero BK/iaAKa Authentication b MeHK) Settings - 
Repositories npeAOCTaB/iaeT B03M0>KH0CTb MMnopTa K/itonePi H3 dpawna 
key.asc. 

p,r\9\ nKDAePi, KOTopbie npeAnoHMTa kdt cneuMa/iM3npoBaHHoe 
npn/io>KeHMe m 6o/iee noApo6HyK) MHcf)opMai4MK) o AOBepeHHbix 
K/iK)Hax, mo>kho ncno/ib30BaTb gui-apt-key (b naiceTe c TeM >Ke 
MMeHeM), He6o/ibiuoM no/ib30BaTe/ibCKMM rpacfjMHecKMM MHTepcjDeMC, 
KOTopbiM ynpaB/iaeT AOBepeHHbiM k/ikdhom. 

Iloc/ie toto, KaK cooTBeTCTByK>LUMe k/ikdhm HaxoAflTca b keyring, APT 
npoBepMT cMTHaTypbi nepeA /ik>6om pmckob3hhom onepauMeM, HTo6bi 
MHTepcj^eMCbi OTo6pa>Ka/iM npeAynpe>KAeHne, ec/iM 6bmo npeA-no>KeHO 
ycTaHOBHTb naKeT, noA-nMHHOCTb KOToporo He MO>KeT 6biTb 
ycTaHOB/ieHa. 


8.4 CnpaBKa no naKeiaM: yr/iy6/ieHne b CMCTeMy naKeTOB 
Debian 

HaKOHeu, npmuno BpeMA yrny6i/iTbCfl b CMCTeMy naKeTOB Debian m 
Kali. Ha btom 3Tane Mbi co6MpaeMca bwmtm 3a paMKM MHCTpyMeHTOB m 
CMHT3KCMCa M COCpeAOTOHMTbCfl Ha CyTH CMCTeMbl naKeTHpOBaHMfl. 
3tot 3aKy/incHbiM B3r/iaA noMO>KeT BaM noHATb ocHOBbi pa6oTbi APT m 
npeAOCTaBHT BaM pea/ibHbiM B3rrmA Ha to, kokmm o6pa30M Bbi MO>KeTe 
HacTpoMTb m pauMOHa/iM3npoBaTb Bamy CMCTeMy Kali. BaM He 
o6fl3aTe/ibHO 3anoMMHaTb a6co/iK)THO Becb MaTepnan, M3/io>KeHHbiM b 
3tom pa3Ae/ie, ho b /ik)6om c/iynae nonyHeHHafl BaMM 3Aecb 
MHc^opMauMa noc/iy>KMT BaM xopomyK) c/iy>K6y no Mepe Bamero 
npoc^eccMOHa/ibHoro pocTa b ocBoeHMM CMCTeMbl Kali Linux. 

flo cmx nop Bbi B3aMMOAGMCTBOBa/iM c AaHHbiMM naKeTa APT c 
noMombK) pa3/iMHHbix MHCTpyMeHTOB, npeAHa3HaneHHbix A-n^ 
B3aMM0ASMCTBM?i c hmm. fla/iee Mbi yrny6MMca m 3arrmHeM BHyTpb 
naKeTOB M paCCMOTpMM BHyTpeHHKDK) MeTdMHCpOpMdLlMK) (M/1M 
MHcj^opMauMK) o ApyroM MHcjDopMauMM), Mcno/ib3yeMyK) 
MHCTpyMeHTaMM ynpaB/ieHMjR naKeTaMM. 
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3Ta K 0 M 6 nHaunfl c^aPmoBoro apxi/ma n MeTanHcf)opMaunM 
HenocpeflCTBeHHO BMflHa b cTpyKType dpawna .deb, KOTopbiPi AB/iaeTCfl 
npocTO apxHBOM, o 6 'beAHHflK)Lui/iM Tpn dpawna: 


$ ar t /var/cache/apt/archives/apt_1.4~betal_amd64.deb 

debian-binary 
control.tar.gz 
data.tar.xz 


flBOUHHbiPi cj^aPm debian co,aep>KHT oamh HOMep Bep cum, 

onncbiBaK)LunPi cf)opMaT apxuBa: 


$ ar p /var/cache/apt/archives/apt_1.4~betal_amd64.deb debian-binary 

2.6 


ApxnB control.tar.gz coAepwnT MeTanHcjDopMaMHK): 


$ ar p /var/cache/apt/archives/apt_1.4~betal_amd64.deb control.tar.gz | tar -tzf - 

./ 

./conffiles 

./control 

./md5sums 

./postinst 

./postrm 

./preinst 

./prerm 

./shlibs 

./triggers 


I/I HaKOHeu, apxnB data.tar.xz (cj^opMaT c>KaTMfl MO>KeT OT/ii/NaTbCfl) 
coAep>KMT cjDaKTMHecKMe c|}aPi.nbi, KOTopbie Heo 6 xoAHMO ycTaHOBi/iTb b 
c^aPmoBoPi cMCTeMe: 
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$ ar p /var/cache/apt/archives/apt_1.4~betal_amd64.deb data.tar.xz | tar -tJf - 

./ 

./etc/ 

./etc/apt/ 

./etc/apt/apt.conf. d/ 

./etc/apt/apt.conf.d/01autoremove 
./etc/apt/preferences.d/ 

./etc/apt/sources.list.d/ 

./etc/apt/t rusted.gpg.d/ 

./etc/cron.daily/ 

./etc/cron.daily/apt-compat 
./etc/kernel/ 

./etc/kernel/postinst.d/ 

./etc/kernel/postinst.d/apt-auto-removal 
./etc/logrotate.d/ 

./etc/logrotate.d/apt 

./lib/ 

./lib/systemd/ 

(...) 

06paTMTe BHMMaHMe, hto b ashhom npMMepe, Bbi paccMaTpi/iBaeTe 
.deb naKeT b apxnBe Kama APT, n hto Bam apxi/iB MO>KeT coAep>xaTb 
cJaaM/ibi c HOMepaMM Bepcnn, KOTopbie MoryT OT/innaTbCfl ot 
npi/iBeAGHHbix b npMMepe. 

B 3tom pa3Aene, Mbi npeACTaBMM 3Ty MeTanHcJ^opMaunK), xoTopaa 
coAep>KMTc?i b Ka>KAOM naxeTe, m Mbi noxaweM BaM xax ee 
MCn0/lb30BaTb. 


8.4.1 KOHTpOAbHbIM c|)aMA 

flaBaMTe HaHHeM paccMOTpeHMe KOHTpo/ibHoro cj^an/ia, xoTopbiM 
coAep>KMTC5q b apxMBe control.tar.gz. KoHTpo/ibHbin cjDan/i coasp>kmt 
caMyK) Heo6xoAHMyK) MHcjDopMauMK) o naxeTe. Oh ncno/ib3yeT 
CTpyxTypy, noxo>xyK) Ha 3aro/iOBxn 3/iexTpoHHbix nnceM, m MO>xeT 
6biTb npocMOTpeH c noMombK) xoMaHAbi dpkg -I. HanpnMep, 
xoHTpo/ibHbiM c|3aM/i apt BbirrmAHT c/ieAyx)mnM o6pa30M: 
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$ dpkg -I apt_l.4-betal_aird64.deb control 

Package: apt 
Version: 1.4~betal 
Architecture: amd64 

Maintained APT Development Team <deity@lists.debian.org> 

Installed-Size: 3478 

Depends: adduser, gpgv | gpgv2 | gpgvl, debian-archive-keyring, init-system-helpers (>= 
1.18-), libapt-pkg5.0 (>= 1.3-rc2), libc6 (>= 2.15), libgcd (>= 1:3.0), 
libstdc++6 (>= 5.2) 

Recommends: gnupg | gnupg2 | gnupgl 

Suggests: apt-doc, aptitude | synaptic | wajig, dpkg-dev (>= 1.17.2), powermgmt-base, 

» python-apt 

Breaks: apt-utils (« 1.3-exp2-) 

Replaces: apt-utils (« 1.3-exp2~) 

Section: admin 
Priority: important 

Description: commandline package manager 
This package provides commandline tools for searching and 
managing as well as querying information about packages 
as a low-level access to all features of the libapt-pkg library. 

These include: 

* apt-get for retrieval of packages and information about them 
from authenticated sources and for installation, upgrade and 
removal of packages together with their dependencies 

* apt-cache for querying available information about installed 
as well as installable packages 

* apt-cdrom to use removable media as a source for packages 

* apt-config as an interface to the configuration settings 

* apt-key as an interface to manage authentication keys 


Bbtom pa3Ae/ie Mbi npeAcraBHM BaM KOHTpo/ibHbiM c^aPm m pastncm/iM 
BaM pa3/iMHHbie o6nacn/i. Ka>KAan M3 hmx asct BaM nyHiuee 
nom/iMam/ie cMcreMbi naKeTi/ipoBam/m, asct BaM 6onee tohhyk) 
HacrpoMKy ynpaB/iem/m KOH^kirypauMeM m npeAOCTaBMT BaM 
MHc^opMapHK), Heo6xoAHMyK) A-nn ycrpaHei-mn npo6neM, KOTopbie 
MOryT B03HHKHyTb. 


3aBMCMMOCTM: noAe Depends 


3aBMCMMOCTM naKeTa onpeAennKrrcn b none Depends b 3aronoBKe 
naKeTa. 3to cnncoK ycnoBMM Ann KoppeKTHOM pa6oTbi naKeTa - 3Ta 
MHcj^opMauMn ncnonb3yeTcn TaKMMM MHCTpyMeHTaMM, KaK apt A-nn 
ycTaHOBKM Heo6xoAHMbix 6n6nnoTeK, b cooTBeTCTByK>mnx Bepci/mx, 
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BbinonH^KDLUMx 3aBMCMMOCTM ycraHaBni/iBaeMoro naKeTa. fl/ia Ka>KAoPi 
3aBMCMMOCTn Bbi MO>KeTe orpaHUHMTb anana30H Bepci/iPi, 
COOTBeTCTByKDLUMX 3T0My yC/10BMK) flpyrUMM C/lOBaMM, MO>KHO 
Bbipa3HTb tot cj^aKT, hto naKeT Iibc6 BaM HyweH b Bepcnn, paBHoPi 
uni/i 6o/ibiuePi, neM «2.15» (nmueTcn Iibc6 (>= 2.15)"). 

3HaKM onepauMM cpaBHeHun Bbim^a^T c/ieflyK)mnM o6pa30M: 

• <<: MeHbiue neM; 

• < = : MeHbiue neM nnn paBHo; 

• =: paBHo (ho noMHMTe, hto "2.6.1" He 6yaeT paBHjRTbca "2.6.1-1"); 

• >=: 6o/ibiiie neM mjih paBHo; 

• >>: 6o/ibiue neM. 

B cnHCKe ycnoBHPi, KOTopbie Aon>KHbi BbinonHATbcn, 3annTan c/iy>KHT 
pa3aennTeneM, HHTepnpeTi/ipyeMbiM KaK nornnecKoe «I/I». B ycnoBunx 
BepTMKa/ibHaa nepTa ("|") o6o3HaHaeT nomnecKoe «l/l/ll/l» (3to 
BK/iK)HaK)Luee l/l/l I/I, He ncK/iK)HaK)Luee n/nnn ("either/or")). YKa3biBafl 
6onbi±mPi npnopnTeT, neM npocTO «V\», Bbi MO>KeTe ncnonb30BaTb ero 
CTO/lbKO pa3, CKOnbKO Heo6xOAMMO. TaKHM 06pa30M, 3aBHCMMOCTb «(A 
l/l/l I/I B) h C» 3anncbiBaeTC5R A | B, C. HanpoTHB, BbipaweHi/ie «A l/l/l I/I 
(B I/I C)» ao/i>kho 6biTb 3anncaHO KaK «(A l/l/ll/l B) I/I (A l/l/l I/I C)», 
nocKonbKy none Depends He aonycKaeT Kpyrnbie cko6km, KOTopbie 
M3MeHnK)T nopnaoK npnopnTeTOB Me>KAy nornnecKMMn onepaTopaMH 
«l/l/ll/l» h «I/I ». CneaoBaTenb 3anncb 6yaeT BbirnnaeTb cneayK)mMM 
o6pa30M A | B, A | C. flnn nonyneHMn 6onbmePi i/mcjDopMaui/m 
peKOMeHayeM BaM noceTHTb caPiT http://www.debian.org/doc/ 
debian-policy/ch- relationships.html 

CkicTeMa 3aBncnM0CTePi nBnneTcn xoponiMM MexaHH3M0M A-rm 
rapaHTHH pa6oTbi nporpaMMbi, ho OHa TaK>Ke HMeeT apyrHe ccj^epbi 
npMMeHeHHe c MeTa naKeTaMH. 3 to nycTbie naKeTbi, KOTopbie 
oni/icbiBaKDT TonbKO 33BHCHM0CTH. Ohm o6nernaK)T ycTaHOBKy 
cornacoBaHHoPi rpynnbi nporpaMM, npeABapHTenbHO Bbi6paHHbix 
co3AaTeneM MeTa-naKeTa; KaK TaKOBan KOMaHAa apt install meta¬ 
package 6yAeT aBTOMaTHnecKH ycraHaBnMBaTb Bee stm nporpaMMbi, 
ncnonb3yn 3aBncnM0CTn MeTa-naKeTa. naKeTbi gnome , kde-full m kali- 
linux - 3to npMMepbi MeTa-naKeTOB. 
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Pre-Depends, 6o/iee Tpe6oBaie/ibHbie 3aBMCMM0CTM 


Pre-dependencies (npeABapMTe/ibHbie 3aBMCMM0CTM), KOTopbie 
nepeHMcneHbi b no/ie Pre-Depends b 3aro/iOBKax naKeTOB, Aono/iHflKrr 
06 bNHbie 3aBHCMMOCTM; MX CMHT3KCMC MASHTMHHbIM. 06blHHafl 
33BMCMMOCTb yKa3biBaeT Ha TO, HTO naKeT, 0 KOTOpOM MAST peHb, 
AO/i>KeH 6biTb pacnaKOBaH m HacTpoeH nepeA h3ctpomkom naKeTa, 
06 ‘bflB/lflK)mer 0 3aBMCMMOCTb. npeABapMTe/lbHaa 3aBMCMMOCTb 
npeAycMaTpMBaeT, hto naKeT, o kotopom mast penb, AO/i>KeH 6biTb 
pacnaKOBaH m HacTpoeH nepeA Bbino/iHeHMeM cueHapMA 
npeABapMTenbHOM ycTaHOBKM naKeTa, o6'bflB.rmK)Luero 
npeABapMTe/ibHyK) 3aBMCMMOCTb, KOTopaa mast nepeA ero 
yCT3H0BK0M. 

npeABapMTe/ibHafl 3aBMCMMOCTb AB/iaeTCfl oneHb Tpe6oBaTe/ibHOM k 
apt, noTOMy hto OHa Ao6aB/ifleT cTporoe orpaHMneHMe Ha nop^AOK 
naKeTOB A-rm ycTaHOBKM. no cyTM, npeABapMTe/ibHbie 33bmcmmoctm 
KaK TaKOBbie He Mcno/ib3yK)TCfl ao Tex nop, noKa b hmx He craeT 
ocrpaa Heo6xoAHMOCTb. Mbi Aawe nopeKOMeHAyeM BaM 
npoKOHcynbTMpoBaTbCfi c ApyrMMM pa3pa6oTHMKaMM Ha debian- 
devel@lists.debian.org nepeA TeM, KaK Ao6aBrmTb npeABapMTe/ibHyK) 
3aBMCMM0CTb, ec/iM Bee eiue ecTb BepoflTHoeTb pa3peiueHM?i BameM 
npo6/ieMbi 6e3 mx Mcno/ib30BaHMfl. 


lloAfl Recommends (PeKOMeHAyeMbie), Suggests (llpeAAOweHHbie), 
m Enhances (YAyHLijeHHbie) 


norm Recommends m Suggests onMCbiBaiOT 33bmcmmoctm, KOTopbie He 
AB/miOTCfl 06jR3aTe/lbHblMM. PeKOMeHAyeMbie 3aBMCMM0CTM, hto 
AB/lfleTCfl CaMbIM B3>KHblM, 3HaHMTe/lbH0 y/iyHLuaK)T 
cpyHKL|,MOHa/ibHOCTb, npeA-naraeMyio naKeTOM, ho He AB/miOTCfl 
o6a3aTe/ibHbiMM a/i^ ero pa6oTbi. npeA/io>KeHHbie 3aBMCMM0CTM, 
btopmhhom b3>khoctm, yKa3biBaK)T Ha to, hto onpeAe/ieHHbie naKeTbi 
MOryT y/iyHLUMTb M AOnO/lHMTb CBOK) COOTBeTCTBeHHyK) nO/ie3HOCTb, HO 
AOBO/lbHO pa3yMHblM flB/meTCfl yCT3H0BKa OAHMX 6e3 APyrMX. 

BaM cneAyeT BcerAa ycraHaB/iMBaTb peKOMeHAyeMbie naKeTbi, noKa 
KOHKpeTHO He 6yAeTe yBepeHbi b tom, hto 6o/iee He Hy>KAaeTecb b 
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hux. I / I , Hao 6 opoT, y Bac HeT Heo 6 xoflMMOCTM ycraHaB/iMBaTb 
npeA/io>KeHHbie naxeTbi, noKa Bbi He 6 yAeTe yBepeHbi b tom, hto ohi/i 
B aM ASMCTBMTe/lbHO Hy>KHbl. 

none Enhances TaK>Ke onncbiBaeT npeA-no>KeHne, ho HeMHoro b 
ApyroM KOHTeKCTe. Oho AeMCTBMTe/ibHO HaxoAHTca b npeA-noweHHOM 
naxeTe , a He b naiceTe, KOTopbM no/iyni/iT npei/iMymecTBO ot aToro 
npeA-noweHi/m. Ero HHTepec /iewi/iT b tom, hto cymecTByeT 
B03M0>KH0CTb Ao6aBMTb npeA-noweHne 6e3 n3MeHeHM?i, cBA3aHHoro c 
hum naiceTa. TaKi/iM o6pa30M, Bee HaACTpoMKi/i, nnari/iHbi i/i Apyri/ie 
paci±mpeHi/m nporpaMMbi MoryT 3aTeM OTo6pawaTbca b cni/icice 
npeA-noweHi/m, cBfl3aHHbix c nporpaMMHbiM o6ecneneHneM. He cmotpa 
Ha to, hto AaHHoe none cymecTByeT ywe Hecxo/ibKO neT, oh ao cmx 
nop b 3HaHHTe/ibHOM cTeneHM ni~HopnpyeTCfl nporpaMMaMH, TaKi/iM m 
Kax apt m/im synaptic. nepBOHana/ibHaa ue/ib cocrofl/ia b tom, HTo6bi 
no3BonnTb naxeTy, TaKOMy Kax xul-ext-adblock-plus (Firefox 
pacLUMpeHHe) oS'bflB.rmTb Enhances (y/iynLueHi/m): firefox, firefox-esr, 
TaKMM o6pa30M, noflB.rm.ni/icb b cni/icice npeA-noweHHbix naiceTOB 
CB?i3aHHbix c firefox i/i firefox-esr. 


KoHc()AMKTbi: noAe Conflicts 


llo/ie Conflicts o6o3HanaeT c/iyHai/i, KorAa naiceT He/ib3A ycraHOBi/iTb 
OAHOBpeMeHHO BMecTe c ApyrHMM. CaMOM nacTO pacnpocTpaHeHHoPi 
npHHMHOM A-n^ 3Toro AB/meTCA to, hto 06a naxeTa BK/iK)HaK)T b ce6 a 
<£ai/i.n c oahmm i/i TeM >Ke MMeHeM, npeAOCTaB/iAiOT OAHy i/i Ty we 
c/iy>K6y Ha oahom i/i tom we nopTy npoTOKO/ia ynpaB/ieHi/m nepeAanei/i 
(transmission control protocol (TCP)) m/ii/i we i/i3-3a Toro, hto ohi/i 
npenflTCTByKDT pa6oTe Apyr Apyra. 

Ec/ii/i B03HMKaeT c/iynai/i, KorAa noAB/meTCA kohc|d/imkt c ywe 
ycTaHOB/ieHHbiM naiceTOM, dpkg OTKaweTCA ycraHaB/ii/iBaTb naiceT, 3a 
MCK/iK)HeHneM c/iynaeB, KorAa HOBbiM naiceT yKa3biBaeT, hto oh 
33MeHMT ycTaHOB/ieHHbiM naiceT, h b btom cnynae dpkg pei±n/iT 
3aMeHMTb cTapbiM naiceT Ha HOBbiPi. APT BcerAa cneAyeT Bai±ii/iM 
HHCTpyKUHflM: ec/iH Bbi peniMTe ycTaHOBHTb HOBbiM naiceT, oh 
aBTOMaTMnecKM npeA/iowMT yAa/ii/iTb naiceT, npeACTaB/miomni/i 
npo6/ieMy. 
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HecoBMecTMMOCTM: none Breaks 


none Breaks o6na,aaeT noxo>KMM actx^eKTOM, noAo6HbiM scj^eKTy 
nonn Conflicts, ho b OTnMHMe ot nocneAHero oho HMeeT oco6oe 
3HaneHne. Oho onoBemaeT o tom, hto ycTaHOBKa naKeTa HaBpeAHT 
ApyroMy naiceTy (mi m KOHKpeTHoPi Bepcm/i naKeTa). B o6meM, 3Ta 
HecoBMecTMMOCTb Me>KAy AByMn naKeTaMM hocmt BpeMeHHbiM 
xapaKTep, a OTHOweHMe Breaks KOHKpeTHO OTHOcnTcn k 
HeCOBMeCTMMbIM BepCMnM. 

KorAa naKeT HapymaeT pa6oTy y>Ke ycraHOBneHHoro naKeTa, dpkg 
OTKa>KeTcn ycraHaBnMBaTb ero, a apt nonpo6yeT peuiMTb npo6neMy 
nyTeM o6HOBneHMn naKeTa, pa6oTa KOToporo 6yAeT HapymeHa, ao 
6onee hoboh BepcMM (KOTopan CHMTaeTcn coBMecTMMOM). 

TaKan cMTyaunn MO>KeT B03HMKHyTb b cnynae o6HOBneHMPi 6e3 
o6paTHOM coBMecTMMOCTH: MMeeTcn BBHAy, hto HOBan Bepcnn 6onbwe 
He pa6oTaeT c 6onee crapoPi BepcnePi m Bbi3biBaeT HencnpaBHOCTb b 
ApyroPi nporpaMMe 6e3 co3AaHMn oco6bix ycnoBHPi. none Breaks 
noMoraeT npeAOTBpaTMTb 3 tm npo6neMbi. 


npeAycMOTpeHHbie nyHKTbi: none Provides 


B 3tom none npeACTaBneHa oneHb MHTepecHan KOHuenunn 
Buprya/ibHoro naKeTa (virtualpackage). Oh HMeeT mhoto ponePi, 
ho ABe M3 hmx oco6eHHO Ba>KHbi. nepBan ponb 3aKnK)naeTcn b 
Mcnonb30BaHMM naKeTa Ann cBn3biBaHMn c hmm o6mePi cny>K6bi (naKeT 
npeAOCTaBnneT cny>K6y). BTopan ponb yKa3biBaeT Ha to, hto naKeT 
nonHOCTbK) 3aMeHneT ApyroPi m hto Ann AOCTM>KeHMn btoPI uenn oh 
MO>KeT yAOBneTBopnTb 33BMCMMOCTM, KOTopbie TaK>Ke yAOBneTBopnKDT 
Apyrne naKeTbi. TaKMM o6pa30M mo>kho co3AaTb naKeT 3aMemeHMn 
6e3 Mcnonb30BaHMn oahoto m Toro >Ke mmchm naKeTa. 


MeTa naKeT m BMpTya/ibHbm naKeT 
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OneHb b3>kho neTKO OT/iMnaTb MeTa naKeTbi ot BMpTya/ibHbix naKeTOB. 
noc/ieAHue flB/iflK)TCfl peanbHbiMM naiceTaMM (BK/ifonaa pea/ibHO 
cymecTByK>mne .deb <£aM/ibi), Hbfl 3aAana coctomt b BbipaweHMM 
3aBMCMMOCTePi. 

Ho BMpTyanbHbie naiceTbi c|3M3MHecKM He cymecTByKrr; ohm flBrmKrrcfl 
nMLUb cpeACTBOM MAeHTMc^MKauMM pea/ibHbix naxeTOB Ha ocHOBe 
o6lumx norMHecKMx KpMTepMeB (HanpMMep, npeAOCTaB/ifleMbix yc/iyr 
m/im coBMecTMMOCTM co craHAapTHOM nporpaMMOM m/im y>xe 
cymecTByK>mnM naxeTOM). 


npeflOCTaB/ieHne yc/iyrn (Providing a Service) 

flaBaMTe o6cyAHM nepBbiM c/iynaM 6onee AeTa/ibHO Ha KOHKpeTHOM 
npMMepe: Bee noHTOBbie cepBepbi, TaKMe icaic postfix m/im sendmaii 
AO/i>KHbi npeAOCTaB/iaTb BMpTya/ibHbiM naiceT mail-transport-agent. 
TaKMM o6pa30M, /ik)6om naiceT, A-ns KOToporo 3Ta c/iy>K6a AO/i>KHa 
6biTb cjDyHKMMOHa/ibHOM (HanpMMep, AncneTnep cnMcica paccbi/iKM, 
TaxoM Kax smartlist m/im sympa), npocTO 3aflB/i?ieT b cbomx 
3aBMCMMOCTflx, HTO A-na 3Toro Tpe6yeTca mail-transport-agent 
BMecTO yK33aHMfi 6o/ibiuoro, ho Heno/iHoro cnMcica B03M0>KHbix 
pemeHMM. KpoMe toto, a6co/iK)THO 6eccMbic/ieHHO ycTaHaB/iMBaTb Asa 
noHTOBbix cepBepa Ha oahom m tom >xe ManiMHe, mmchho noaTOMy 
Ka>KAbiM M3 3tmx naiceTOB 3aaB/iJieT o KOHcfj/iMKTe c maii-transport- 
agent BMpTya/ibHbiM naiceTOM. Kohc|d/imkt Me>KAy naiceTOM m mm caMMM 
MrHopMpyeTca cMCTeMOM, ho 3tot MeTOA 6yAeT 3anpemaTb ycTaHOBKy 
AByx noHTOBbix cepBepoB Ha oahom KOMnbKrrepe. 
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B3anM03aMehmeM0CTb c ppyruM naKeTOM 

none Provides Tai<>Ke nBnneTcn 1/iHTepecHbiM, KorAa coAepwam/ie 
naKeTa BKnKjneHO b 6onee KpynHbin naKeT. HanpnMep, MOAynb Perl 
Iibdigest-md5-perl BbicrynaeT Heo6n3aTenbHbiM MOAyneM b Perl 
5.6, n 6bin BCTpoeH b KanecTBe craHAapTHoro TonbKO b Perl 5.8. 
TaKi/iM o6pa30M, Hanmnan c Bepcnn 5.8, naKeT perl 3anBnneT 
Iibdigest-md5-perl t3khm o6pa30M, hto Bee 3aBncnMOCTn Ha btom 
naKeTe yAOBneTBopnKrrcn, ecnw Ha cncreMe ycTaHOBneH Perl 5.8 (nnn 
6onee HOBbin). naKeT Iibdigest-md5-perl caM no ce6e 6bin y^aneH, 
t.k. y Hero 6onee HeT HHKaKnx 3aAan, c KOTopbiMH 6bi He Mornn 
cnpaBMTbcn Apyri/ie naKeTbi. 



PiicyHOK 8.3 l/lcnonb30BaHMe norm Provides /jrw roro > 4to 6s/ He 
HapyillMTb 3dBMCMM0CTb. 

3 to cbomctbo nBnneTcn oneHb none3HbiM, t.k. HnKorAa He 3Haenib, 
KaKkie npHHyAbi mo>kho o>KHAaTb ot npouecca pa3pa6oTKn n 
Heo6xoAHMO MMeTb B03M0>KH0CTb npncnoca6nnBaTbcn k 
nepeMMeHOBaHHK) n Apyron aBTOMaTnnecKon 3aMeHe ycTapeBiuero 
nporpaMMHoro o6ecneHeHi/m. 
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3aMeHa <t>aM/iOB: Hone Replaces 


none Replaces o6o3HanaeT, hto naKeT coAepwnT cj^aPi/ibi, KOTopbie 
TaK>Ke npncyTCTByK)T b ApyroM naKeTe n hto AaHHbiPi naKeT 3aKOHHO 
o6naAaeT npaBaMn Ha hx 3aMeHy. 5e3 btoPi cneunc^nKaunn, dpkg He 
CMO>KeT 6biTb Bbino/iHeH, yTBep>KAaB, hto oh He MOweT nepe3anncaTb 
c^an/ibi Apyroro naKeTa (TexHi/inecKi/i bo3mo>kho 3acraBHTb ero 
CAe/iaTb 3to c noMombK) onuMM -force-overwrite, ho bto He AB/meTca 
CTaHAapTHOM onepaunePi). 3to no3BO/meT BbmBnTb noTeHui/ia/ibHbie 
npo6/ieMbi n Tpe6yeT ot cneuna/incra no o6c/iy>KHBaHHK) n3ynnTb 
Bonpoc npeA TeM, KaK npnHATb peuieHne o Ao6aB/ieHm/i TaKoro no/m. 

Mcno/ib30BaHne 3Toro norm onpaBAaHO, KorAa HMeHa naKeTOB 
M3MeHflKmm n/in KorAa naKeT BK/iKDneH b ApyroPi. 3to TaK>Ke MOweT 
npokicxoAHTb, KorAa cneuna/incT no o6c/iy>KHBaHi/iK) pemaeT 
pacnpocTpaH^Tb c|DaPi/ibi no-pa3HOMy cpeAn pa3/inHHbix ABonnHbix 
naKeTOB, co3AaHHbix oahum h TeM >Ke hctohhukom naKeTOB: 
3aMemeHHbiPi c|oaPi/i 6o/ibiiie He npi/maA.ne>KHT cTapoMy naKeTy, Tenepb 
OH npHHaA/ie>KMT TO/lbKO HOBOMy. 

Ec/in Bee c^aPi/ibi b ycTaHOB/ieHHbix naKeTax 6bmn 3aMeHeHbi, naKeT 
CHMTaeTCfl yAa/ieHHbiM. I/I HaKOHeu, bto none TaK>Ke cnoco6cTByeT 
yAa/ieHMK) 3aMemeHHbix naKeTOB c noMombK) dpkg b c/iynae 

B03HMKH0BeHM?1 KOHC|3/lMKTa. 


8.4.2 CKpnnTbi KOHcfjMrypaL^MM 

B Aono/iHeHMe k ynpaB/mromeMy cranny, control.tar. gz apxnB A-rm 
Ka>KAoro naKeTa Debian MOweT coAepwaTb onpeAe/ieHHoe KO/innecTBO 
CKpnnTOB (postinst, postrm, preinst, prerm), Bbi3biBaeMbix dpkg Ha 
pa3Hbix BTanax o6pa6oTKn naKeTa. Mbi MO>KeM ncno/ib30BaTb dpkg -I 
A/m OTo6pa>KeHi/m bthx c^aPi/iOB, nocKO/ibKy ohh HaxoAflTCfl b apxnBe 
naKeTa .deb: 
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$ dpkg -I /var/cache/apt/archives/zsh_5.3-l_amd64.deb | head 

new debian package, version 2.6. 


size 814486 bytes: 

control 

archive=2557 bytes. 


838 bytes, 

20 lines 

control 


3327 bytes, 

43 lines 

md5sums 


969 bytes, 

41 lines 

* postinst 

#!/bin/sh 

348 bytes, 

20 lines 

* postrm 

#!/bin/sh 

175 bytes, 

5 lines 

* preinst 

#!/bin/sh 

175 bytes, 

5 lines 

♦ prerm 

#!/bin/sh 


Package: zsh 
Version: 5.3-1 

$ dpkg -I zsh_5.3-l_amd64.deb preinst 

#!/bin/sh 
set -e 

# Automatically added by dhinstalldeb 

dpkg-maintscript-helper symlinktodir /usr/share/doc/zsh zsh-common 5.0.7-3 -- 

# End automatically added section 


Debian Policy AeTa/ibHO om/icbiBaeT Ka>KAbiM M 3 btmx ctoan jiob, 
yKa3biBaa Bbi3BaHHbie cKpi/mTbi m apryMeHTbi, KOTopbie ohm 
no/iynaK)T. 3tm noc/ieAOBaTenbHOCTM MoryT 6 biTb AOBO/ibHO 
c/io>KHbiMM, t.k. ec/iM oahh M3 3tmx cKpMnTOB noTepnMT HeyAany, dpkg 
nonpo 6 yeT BepHyTbca k yAOB/ieTBopMTe/ibHOMy coctoahmk) nyTeM 
OTMeHbi MAymero Ha AaHHbiM momcht npoqecca ycTaHOBKM m/im 

yAa/ieHMfl (HaCKO/lbKO 3T0 6yAeT B03M0>KHblM). 


6a3a flaHHbix dpkg 

Bbi MO>KeTe nepeMemaTb 6a3y AaHHbix dpkg b cj^aM/iOBOM cMCTeMe b / 
var / lib / dpkg /. 3tot KaTanor coagp>kmt TeKymyK) 3anMCb 060 Bcex 
naKeTax, KOTopbie 6 bi/iM ycTaHOB/ieHbi b CMCTeMe. Bee CKpMnTbi 
KOHcjDMrypauMM A-rm ycTaHOB/ieHHbix naKeTOB xpaHATca b KaTa/iore / 
var / lib / dpkg / info / b bmas c^aPina c npec^MKcoM mmchm naKeTa: 


$ Is /var/lib/dpkg/info/zsh.* 

/var/lib/dpkg/info/zsh.list 
/var/lib/dpkg/info/zsh.md5sums 
/var/lib/dpkg/info/zsh.postinst 
/var/lib/dpkg/info/zsh.postrm 
/var/lib/dpkg/info/zsh.preinst 
/var/lib/dpkg/info/zsh.prerm 


3Ta AnpeKTopMfl TaK>Ke BK/iKDnaeT b ce6a dpawn c pacniMpeHMeM .list 
A-rm Ka>KAoro naKeTa, KOTopbiPi coasp>kmt cnncoK c|3aM.noB 
npMHaA/ie>Kamnx 3T0My naKeTy: 
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$ head /var/lib/dpkg/info/zsh.list 

/. 

/bin 

/bin/zsh 

/bin/zsh5 

/usr 

/usr/lib 

/usr/lib/x86_64-linux-gnu 

/usr/lib/x86_64-linux-gnu/zsh 

/usr/lib/x86_64-linux-gnu/zsh/5.2 

/usr/lib/x86_64-linux-gnu/zsh/5.2/zsh 

(...) 


OaM/i /var/lib/dpkg/status coagp>kmt cepMK) 6/iokob Aam-ibix (b 
4)opMaTe M3BecTHoro 3anpoca 3aro/iOBKOB noHTbi A-na KOMMeHTapna 
RFC 2822), onucbiBaKDLUnx cocroflHMe Ka>KAoro naKeTa. l/lHc^opMaui/m 
M3 ynpaB/ijRK)mero cj^aPi/ia ycTaHOB/ieHHbix naiceTOB TaK>Ke 
Ay6/iMpyeTCfl TaM. 


$ more /var/lib/dpkg/status 

Package: gnome-characters 
Status: install ok installed 
Priority: optional 
Section: gnome 
Installed-Size: 1785 

Maintainer: Debian GNOME Maintainers <pkg-gnome- 
** maintainers@lists.alioth.debian.org> 
Architecture: amd64 
Version: 3.20.1-1 
(...) 


flaBaMTe o6cyAMM c^aM/ibi KOHcjDMrypauMM m nocMOTpMM, KaK ohm 
B3aMM0ASMCTByK)T. B o6meM, cKpMnT preinst Bbino/iHfleTCfl ao 
ycTaHOBKM naKeTa, b to BpeMA KaK postins cneAyeT 3a HeM. I1oao6ho 
3T0My prerm Bbi3biBaeTCfi nepeA yAa/ieHMeM naKeTa, a postrm noc/ie 
3Toro. 06HOBneHMe naKeTa AB/iaeTCfl 3KBMBa/ieHTHbiM no OTHomeHMK) 
k yAaneHMK) npeAbiAymeM BepcMM m ycTaHOBKM hobom. K co>Ka/ieHMK), 
HeB03M0>KH0 AeTa/ibHO onMcaTb Bee cqeHapMM B03M0>KHbie 3Aecb, ho, 
TeM He MeHee, Mbi o6cyAMM Asa caMbix pacnpocTpaHeHHbix: 
ycTaHOBKa/o6HOBneHMe m yAa/ieHMe. 

3tm noc/ieAOBaTe/ibHOCTM MoryT 6biTb AOBO/ibHO 3anyTbiBaK>mMMM, ho 
BM 3ya/ibHoe npeACTaB/ieHMe MO>KeT noMOHb. Manoj Srivastava CAe/ia/i 
3TM CXeMbl (rpacflMKM), OfonCHnn TO, KaK MMeHHO Bbl3blBaK)TCfl 
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CKpmubi KOHcj^MrypauHM c noMombK) dpkg. noxo>Ki/ie cxeMbi 
(rpacjDMKM) 6bmn TaK>Ke pa3pa6oTaHbi npoeKTOM Debian Women; ohi/i 
6o/iee npocTbiMn f\nn noHi/iMaHi/m, ho MeHee no/iHbiMi/i. 

https://people.debian.org/~srivasta/MaintainerScripts.html 

https://wiki.debian.org/MaintainerScripts 


riPEflOCTEPEXEHHE CklMBO/lMHeCKMe MMeH3 CKpMnTOB 

noc/ieAOBaTe/ibHocTM, onncaHHbie b btom pa3Ae/ie, Bbi3biBaK)T 
CKpnnTbi K0H(f)Mrypai4Mn no KOHKpeTHbiM MMeHaM, HanppiMep old - 
prerm m/im new-postinst. 3to, cooTBeTCTBeHHO, cKpkinT prerm, 
coAep>KamnMCfi b crapoPi Bepcm/i naKeTa (ycTaHOB/ieHHbiPi nepeA 
o6HOB/ieHneM) m postinst-cicpnnT, coAepwamuPicfl b hobom Bepcnn 
(ycTaHOB/ieHHOM o6HOBneHneM). 


YdaHOBKa m o6HOBAeHMe nocAeAOBaieAbHOCTM CKpumoB 


Hnwe onncaHO to, hto nponcxoAHT bo BpeMA npoqecca ycraHOBKM 

(mjim o6HOB/ieHi/m): 

1. Arm o6HOB/ieHim, dpkg Bbi3biBaeT old-prerm upgrade new- 
version. 

2. Tai<>Ke A-rm o6HOB/ieHi/m, dpkg Bbino/iHfleT new-preinst upgrade 
old-version; f\nn nepBoPi ycraHOBKi/i, oh Bbino/iHfleT new-preinst 
install. Oh MO>KeT Ao6aB/mTb cTapyK) Bepci/iK) b noc/ieAHnPi 
napaMeTp, ecrm naKeT ywe 6bm ycraHOB/ieH m yAaneH (ho He 
onmiieH, c|3aPi.nbi KOHcj3nrypai4nn 6bmn coxpaHeHbi). 

3. fla nee HOBbie c(oaM/ibi naKeTbi pacnaKOBbiBaKmm. Ec/ii/i cfoaM/i ywe 
cymecTByeT, oh 3aMeH?ieTCfl, ho Bee paBHO co3AaeTCB pe3epBHaa 
Kom/m m xpaHMTCB bo BpeMeHHbix cj^aPmax. 

4. Ann o6HOB/ieHi/m, dpkg Bbino/iHfieT old-postrm upgrade new- 
version. 

5. dpkg o6HOB/meT Bee BHyTpeHHne AaHHbie (cnncoic cjoaM/iOB, 
CKpnnTbi KOHcf)MrypauMn, m t.a.) h yAa/meT Bee pe3epBHbie Koni/m 
3aMemeHHbix c|3aPi.noB. B ashhom c/iynae bto nsnneTcn tohkom 
H eB03BpaTa: dpkg 6o/ibi±ie He i/iMeeT AOCTyna ko BceM TeM 
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3/ieMeHTaM, KOTopbie Heo6xoAHMbi A-rm B03BpameHMfl k 
npeAbiAyiAeMy coctoahmk). 

6. dpkg o6hobht cj3aM/ibi KOHc^i/irypauMn, npeA-no>KMB BaM pewnTb, He 
MO>KeT /in oh aBTOMaTMHecKM ynpaBrmTb btom 3aAaHei/i. fleTa/ii/i 
AaHHOM npoqeAypbi noAPo6HO M3/io>KeHbi b pa3Ae/ie 8.4.3, 
"CnrHaTypbi m cjDaMnbi KOH^i/irypauMi/T [page 214]. 

7. \A HaKOHeq, dpkg Hacrpai/iBaeT naKeT nyTeM Bbino.nHeHi/m new- 
postinst configure last- version-configured. 


YAaAeHne naKeia 


Hn>Ke om/icaHO to, hto nponcxoAHT bo BpeMA yAa/ieHi/m naKeTa 

1. dpkg Bbi3biBaeT prerm remove. 

2. dpkg yAa/iaeT Bee cj^aPi/ibi naKeTa, 3a MCK/iK)HeHi/ieM c(oa mjiob 
KOH c^i/irypaMHM m cueHapi/ieB KOHc|3MrypaMHM. 

3. dpkg Bbino/iH^eT postrm remove. Bee cqeHapm/i KOHc^MrypauMM, 
KpoMe postrm, yAarmnyrcfl. Ecni/i Bbi He ncno/ib30Ba/in onui/iK) 
purge, to npoqecc ocraHaB/iHBaeTCfl Ha btom 3Tane. 

4. Ann no/iHoPi ohmctkm naKeTa (KOMaHAa, 3aAaHHaa c dpkg —purge 
or dpkg -P), Heo6xoAHMO yAa/iHTb m cjoan/ibi KOHc^i/irypaum/i, 
TaK>Ke KaK m onpeAe/ieHHoe KO/ii/NecTBO Konnu (*.dpkg- tmp, 
*.dpkg-old, *.dpkg-new) m BpeMeHHbix c^aPi/iOB; dpkg 3aTeM 
Bbino/iHfieT postrm purge. 

B HeKOTopbix c/iynafix naKeT MOweT i/icno/ib30BaTb debconf p,nn 
no/iyneHi/m i/mcjDopMaum/i o KOHc^MrypauMH ot Bac: neTbipe cueHapMM, 
onncaHHbie Bbime, 3aTeM Aono/iHflK)TCfl cKpi/mTOM config, 
npeAHa3HaneHHbiM f\nn no/iyneHi/m btom MHcjDopMauMH. Bo BpeMA 
ycTaHOBKM 3 tot cKpi/mT noAPo6HO onpeAe/iaeT, K3Kne Bonpocbi 
3aAaeT debconf. OTBeTbi 3anncbiBaK)TCfl b 6a3y AaHHbix debconf f\nn 
Aa/ibHePmiero ncno/ib30BaHH5R. CqeHapm/i o6bNHO Bbino/iHaeTCfl apt 
nepeA noc/ieAOBaTe/ibHoPi ycTaHOBKOM naKeTOB, HTo6bi 
crpynnnpoBaTb Bee Bonpocbi BMecre b Hana/ie npouecca. 3aTeM pre- 
M post- CKpnnTbl ycTaHOBKM MOryT MCn0/lb30BaTb 3Ty MHCjDOpMaUMK) 
A.rm pa6oTbi b cootbctctbhm c BaniMMi/i noKe/iaHMAMi/i. 


1/lHCTpyMeHT debconf 
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1/lHCTpyMeHT debconf 6bm co3AaH Ann pewem/m noBTopfliOLuei/icfl 
npo6neMbi b Debian. Bee naiceTbi Debian He MoryT cJoyHKunoHMpoBaTb 
6e3 KOHcjDMrypauHM, KOTopaa Mcno/ib3yeTCfl f\r\s\ nocraHOBicn 
BonpocoB c Bbi30BaMM echo m read KOMaHA b 060/iOHKe cicpnnTOB 
postinst (m ApyrMx noxo>KMx cicpnnTOB). 3to 3acraB.rm.n0 ycraHOBLUMK 
npMCMaTpMBaTb 3a KpynHbiMM ycTaHOBKaMH m/im o6HOB/ieHMflMM A-rm 
Toro, HTo6bi OTBenaTb Ha pa3/iMHHbie KOHcJoMrypaMMOHHbie 3anpocbi no 
Mepe mx B03HMKH0BeHMa. Ha ceroAH?uuHMM AeHb, 6/iaroAapfl debconf, 
Mbi MO>KeM noHTM no/iHOCTbio o6xoAMTbC5R 6e3 noAo6Horo poAa 
pyHHOTO B3aMMOAGMCTBM51. 

1/lHCTpyMeHT debconf 06 /iaAaeT 6 o/ibiiiMM ko/imhcctbom MHTepecHbix 
cfjyHKMMM : oh Tpe 6 yeT ot pa3pa6oTHMKa yi<a3aTb B3aMMOASMCTBMe c 
no/ib30BaTe/ieM; oh no3BO/meT noKa/iM30BaTb Bee OTo 6 pa>KaeMbie 
ctpokm (Bee nepeBOAbi xpaHATca b cjoan/ie Lua 6 /iOHOB, onMCbiBaiOLAMx 
B3aMMOAeMCTBMjq); oh npeAOcraB/meT pa3/iMHHbie MHTepcJoeMCbi 
(TeKCTOBbIM pe>KMM, rpacfjMHeCKMM pe>KMM, He MHTepaKTMBHbIM); M OH 
pa3peniaeT co3AaHMe qeHTpa/ibHOM 6a3bi AaHHbix OTBeTOB A-nfl Toro, 
HT 06 bl MMeTb B03M0>KH0CTb Ae/lMTbCfl OAHOM M TOM >Ke KOHCjOMTypaUMeM 
C HeCKO/lbKMMM KOMnbKDTepaMM. CaMbIM B3>KHblM CBOMCTBOM 5\Br\9\QTC9\ 
to, hto Bee Bonpocbi MoryT 6 biTb npeAcraB/ieHbi b oahom pBee 
BMecTe, nepeA Hana/iOM A-nuTe/ibHoro npoqecca ycTaHOBKM m/im 
o 6 HOBneHM 5 q. Tenepb Bbi MO>KeTe cMe/io 3 aHMMaTbca cbommm as/iomm, 
noKa cMCTeMa a 6 co/iK)THO caMOcnmTe/ibHO npoBOAMT ycTaHOBKy. 
Tenepb y Bac HeT hmiokom Heo 6 xoAMMOCTM ocraBaTbca Ha Mecre, 
yCTaBMBLUMCb B 3Kp3H B OKMA9HMM BOnpOCOB, KOTOpbie MOryT 
B03HMKHyTb B /!K) 6 yK) MMHyTy. 


8.4.3 CMTHaTypbi m KOH(|)MrypaLi l MOHHbie c|)aMAbi (conffiles) (BHecTM 
npaBKM b o6uj.ee coA,ep>KaHMe) 

KpoMe cKpMnTOB noAAep>KKM m AaHHbix ynpaB/ieHMA ywe ynoMAHyTbix 
a npeAbiAymeM pa3Ae/ie, apxMB control.tar.gz naKeTa Debian MO>KeT 
coAep>KaTb Apyrne MHTepecHbie cjoaM/ibi. 


# ar p /var/cache/apt/archives/bash_4.4-2_amd64.deb control.tar.gz | tar -tzf - 
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./ 

./conffiles 

./control 

. /md5sums 

./postinst 

./postrm 

./preinst 

./prerm 


nepBbiM— md5sums— coAep>KHT curHaTyp MD5 A-ns Bcex c^aM/iOB 
naiceTa. HnaBHbiM ero npeMMymecTBOM AB/ifleTca to, hto oh AonycKaeT 
dpkg -verify Ann toto, HTo6bi npoBepHTb 6bi/iM /in stm c^ai/mbi 
n3MeHeHbi c MOMeHTa hx ycTaHOBKM. 06paTHTe BHMMaHHe: ecrm stot 
ctoaM/i He cymecTByeT, to dpkg 6yAeT reHepnpoBaTb ero AMHaMMnecKM 
bo BpeMa ycTaHOBKM (m xpaHMTb ero b 6a3e AaHHbix dpkg, KaK h 
A pyrHe ynpaB/iflK)LUMe cjoaM/ibi). 

Conffiles nepenMcrmeT c^aPi/ibi naKeTOB, KOTopbie AO/i>KHbi 6biTb 
o6pa6oTaHbi b KanecTBe cjDaPi/iOB KOHc|3nrypauMn. OaPi/ibi 
KOHct>nrypaunn MoryT 6biTb n3MeHeHbi aAMi/mi/icTpaTopoM, a dpkg, b 
cbokd onepeAb, nocrapaeTCfl coxpaHMTb bth n3MeHeHna bo BpeMA 
o6HOBneHHJi naKeTa. 

OaKTMHecKM, b 3ToPi cMTyauMM dpkg BeAST ce6a Hacro/ibKO pa3yMHO 
HaCKOnbKO 3T0 B03M0>KH0: eC/lM CTaHAapTHbIM C^aM/l KOHC|3Hrypai4HH 
He n3MeHn/icji Me>KAy AByMa BepcMJiMM, oh HHnero He Ae/iaeT. Ecrm 
>Ke dpawn 6bm n3MeHeH, oh nonbiTaeTca o6HOBHTb stot c^aPm. 
Bo3MO>KHbi Asa c/iyna^: rm6o aAMHHHCTpaTop b ripi/mui/me He Kaca/icfl 
3Toro c|)aPi.na KOHcfmrypauMM, h b 3tom c/iynae dpkg aBTOMaTHHecKH 
ycTaHaBnHBaeT HOByK) BepcHK); m/im dpawn 6bin n3MeHeH, m b stom 
c/iynae dpkg 3anpai±mBaeT y aAMMHMcrpaTopa BepcMK), KOTopyK) oh 
xoneT ncnonb30BaTb (cTapyK) BepcMK) c MOAnct>MKai4HflMn m/im HOByK), 
npeAOCTaBneHHyK) naKeTOM). HTo6bi noMOHb b npMHjqTHH noAo6Horo 
poAa pemeHHjR, dpkg npeA-naraeT OTo6pa3MTb diff, KOTopbiPi 
noKa3biBaeT pa3Hnuy Me>KAy Asyi^m BepcMAMM. Ecrm Bbi peiimTe 
coxpaHHTb CTapyK) BepcMK), HOBaa 6yAeT coxpaHeHa b tom >Ke MecTe 
b c^aPine c cyc^x^HKcoM .dpkg-dist. Ec/im we Bbi Bbi6epeTe ocTaBMTb 
HOByK) BepcMK), crapas 6yAeT coxpaHeHa b c^aPi/ie c cyc|)c|)MKcoM .dpkg 
- old. flpyroe AOCTynHoe AePicTBMe coctomt m3 KpaTKOBpeMeHHoro 
npepbiBaHMjq pa6oTbi dpkg Ann toto, HTo6bi OTpeAaKTMpoBaTb cjoaM/i m 
nonbiTaTbca BOccTaHOBMTb cooTBeTCTByKDLUMe M3MeHeHMfl (paHee 
MAeHTMCf)MUMpOBaHHbie C nOMOLUbK) diff). 
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dpkg o6pa6aTbiBaeT o6HOB/ieHi/m dpawna KOHc|3Mrypai4nn, ho ripn stom 
pery/ij^pHO npepbiBaeT cbokd pa6oTy, 3anpai±ii/iBafl bboa ot 
aAMMHHCTpaTOpa. 3T0 HaCTO MO>KeT 6blTb AOBO/lbHO T3KM TpyAOeMKHM 
h HeyAo6HbiM. K cnacTbK), Bbi MO>KeTe AaTb KOMaHAy dpkg OTBeTi/iTb 
Ha 3 th 3anpocbi aBTOMaTHHecKH. napaMeTp —force-confold coxpaHJieT 
CTapyK) BepcMK) c|)ai/i.na, a — force-confnew 6yAeT ncno/ib30BaTb 
HOByK) BepcMK). 3th BapnaHTbi co6nK)AaK)TC}q, Aa>Ke ec/ 11/1 c|3aM.n He 
6bm M3MeHeH aAMHHHCTpaTopoM, hto AOBO/ibHO peAKO AaeT 
>Ke/iaeMbiPi ac^eicr. flo6aB/ieHne onqHH —force-confdef roBopi/iT dpkg 
pewaTb Bonpoc caMOCTOJiTe/ibHO TaM, rAe sto bo3mo>kho (ApyrMMM 
c/iOBaMM, KorAa i/icxoAHbiPi cjoaM/i KOHcf)nrypaunM He 6bin 3aTpoHyT). 
OnuMH -force-confnew h/ih —force-confold c/ieAyeT ncno/ib30BaTb 
A-rm ApyrHx c/iynaeB. 

3tm onunn ncno/ib3yK)T dpkg, ho 6o/ibiiiyK) nacTb BpeMeHH 
aAMMHHCTpaTop 6yAeT pa6oTaTb HenocpeACTBeHHO c nporpaMMaMH 
aptitude m/im apt. TeM He MeHee, Heo6xoAHMO 3HaTb ci/iHTaicci/ic, 
ncno/ib3yeMbiPi A-rm yi<a3aHMfl napaMeTpoB, nepeAaBaeMbix KOMaHAe 
dpkg (hx HHTepcj^ePicbi KOMaHAHOM ctpokh oneHb noxo>Kn). 


# apt -o DPkg::options::="--force-confdef" -o DPkg::options::="--force-confold" full 
** upgrade 


3th onunn MoryT xpaHMTbCJi HenocpeACTBeHHO b K0Hc|)nrypai4i/mx apt. 
fl/ui Toro HTo6bi cAe/iaTb sto npocTO HanmuHTe c/ieAyKimyK) crpoicy b 
c(3aM/ie /etc/apt/apt.conf.d/local: 

DPkg::options { "--force-confdef”; "--force-confold"; } 

BK/iK)HeHne 3toh onui/m b §av\n KOHcjDHrypauHH 03HanaeT, hto OHa 
TaK>Ke 6yAeT ncno/ib30BaHa b rpa<t>nHecKOM HHTepcj^ePice, TaKOM KaK 
aptitude. 

I/I Hao6opoT, Bbi Tai<>Ke MO>KeTe 3acTaBHTb dpkg 3aAaBaTb Bonpocbi 
KOHct>nrypaunoHHoro fyawna. Onumi —force-confask nopynaeT dpkg 
OTo6pa3HTb Bonpocbi o cjDaPi/iax K0Hc|3nrypaum/i, Aa>Ke b Tex c/iynasix, 
KorAa 3 to He AB/ifleTCfl Heo6xoAHMbiM. TaKMM o6pa30M, npH 
nepeycraHOBKe naKeTa c stoh onunePi dpkg cHOBa 3aAacT Bonpocbi 
Arm Bcex ctoan/iOB KOHc|3nrypai4nn, n3MeHeHHbix aAMMHHcrpaTopoM. 
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3to oneHb yAo6HO, oco6eHHO A-rm nepeycraHOBKM mcxoahord cj^aPina 
KOHc|3MrypauMn, ec/iM oh 6bm yAa/ieH, m y Bac HeT ApyroM Konnn: 
o6bNHaa nepeycraHOBKa He cpa6oTaeT, noTOMy hto dpkg 
BOcnpi/iHMMaeT yAa/ieHMe, KaK cj^opMy nera/ibHoro M3MeHeHMfi m, 
t3kmm o6pa30M, He ycraHaB/iMBaeT Heo6xoAHMbiPi cjoan/i 
KOHC^kirypauMH. 


8.5 lloABeAeM morn 

B 3tom pa3Ae/ie, Mbi y3Hann 6o/ibiiie o cMCTeMe naiceTOB Debian, 
o6cyAnnn Advanced Package Tool (APT) m dpkg, y3Ha/in 6o/ibiiie o 
6a30B0M B3anM0AePicTBHM naxeTOB, Aono/iHMTe/ibHOM HacrpoMKe m 
ncno/ib30BaHMM APT, m yrny6nnncb b M3yneHMe cMcreMbi naxeTOB 
Debian c KpaTKOM ccbi/iKOM c(oaM/ia c^opMaTa .deb. Mbi paccMOTpe/iM 
TaKkie noHjqTmR xax cjoan/i ynpaB/ieHi/m, dcpunTbi KOHc|3Mrypai4MM, 
CMTHaTypbi m c^aPi/ibi KOH(f)Mrypai4MM (conffiles). 

OCHOBHbie MOMeHTbi: 

• naiceT Debian npeACTaBrmeT co6om c>KaTbiM apxMB nporpaMMHoro 
npnno>KeHMfi. Oh coagp>kmt cjoan/ibi npnno>KeHHjR, a TaK>Ke Apyrne 
MeTaAaHHbie, BK/iKDHaa MMeHa 3aBMCMMOCTeM, KOTopbie Tpe6yK)TCfl 
npM/10>KeHMf1M, a TaK>Ke CKpMnTbl, KOTOpbie n03B0rmK)T BbinO/lHflTb 
KOMaHAbi Ha pa3Hbix BTanax cymecTBOBaHMA naiceTa (ycTaHOBKa, 
yAaneHkie, o6HOBneHne). 

• 1/lHCTpyMeHT dpkg, b OT/iMHne ot apt m apt-get (ceMePicTBa APT), He 
i/iMeeT Heo6xoAHMOM MH^opMauMM o Bcex AOCTynHbix naxeTax, 
KOTopbie MoryT 6biTb ncno/ib30BaHbi A-na yAOB/ieTBopeHMA 
3aBncnMOCTeM naiceTOB. TaKMM o6pa30M, A-rm ynpaB/ieHMA 
naxeTaMM Debian, Bbi, BepoaTHO, 6yAeTe ncno/ib30BaTb noc/ieAHMe 
HHCTpyMeHTbi, nocKO/ibKy ohm MoryT aBTOMaTMnecKM pa3peniaTb 
npo6neMbl C 3aBMCMMOCTflMM. 

• Bbi MO>KeTe Mcno/ib30BaTb APT A-rm ycTaHOBKM m yAa/ieHMjR 
npM/io>KeHMM, o6HOBneHM?i naiceTOB m Aa>Ke A-rm o6HOB/ieHMfl Been 
BameM cMCTeMbi. HM>Ke npMBeAeHbi OCHOBHbie MOMeHTbi, KOTopbie 
BaM Heo6xoAHMO 3HaTb 06 APT m ero KOHcjDMrypauMflx: 

• OaM n sources.list flBrmeTCfl K/noneBbiM c^ai/moM KOHcfjMrypaqMM A-rm 
onpeAeneHMfi mctohhmkob naiceTOB (m/im peno3MTopMeB, 
coAep>Kamnx naiceTbi); 
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• Debian m Kali ncno/ib3yK)T Tp m pa3fle/ia j\nn Ancl^epeHUHauHH 
naKeTOB B COOTBeTCTBHM C /lM14eH3H}lMM, Bbl6paHHblMM aBTOpaMM 
Ka>KAoPi pa6oTbi: coAep>KHT Bee naKeTbi, KOTopbie no/iHOCTbio 
cooTBeTCTByKDT flnpeKTi/iBe no CBo6oAHOMy nporpaMMHOMy 
o6ecneHeHMK) Debian (Debian Free Software Guidelines 31 ); non- 
free coAepwnT nporpaMMHoe o6ecneHeHi/ie, KOTopoe He no/iHOCTbK) 
cooTBeTCTByeT flkipeKTHBe no CBo6oAHOMy nporpaMMHOMy 
o6ecneneHHK), ho TeM He MeHee MO>KeT 6biTb pacnpocTpaHeHO 6e3 
orpaHMHeHHki; m contrib (contributions) BK/nonaeT nporpaMMHoe 
o6ecneneHne c OTKpbiTbiM i/icxoAHbiM koaom, KOTopoe He MOweT 
ct>yHKUMOHnpoBaTb 6e3 KaKnx-.ni/i6o non-free 3/ieMeHTOB; 

• Kali noAAep>KMBaeT HecKO/ibKO peno3HTopneB, b tom HHc/ie: kali¬ 
rolling, KOTOpbIM flBJlfleTCfl OCHOBHbIM XpaHH/lHLUSM KOHeHHbIX 

nonb30BaTe/iePi h BcerAa AO/i>KeH coAepwaTb ycraHaB/iHBaeMbie h 
nocneAHkie naKeTbi; kali-dev, KOTopbiPi Hcno/ib3yeTca 
pa3pa6oTHMKaMM Kali h He npeAHa3HaneH f\nn ny6/iHHHoro 
Mcno/ib30BaHMjq; h kali-bleeding-edge, KOTopbiPi Macro coAep>KHT 
HenpoBepeHHbie naKeTbi, aBTOMaTHMecKH co3AaBaeMbie H3 
peno3MTopmi Git (hjih Subversion), MeHee neM nepe3 AaaAUaTb 
neTbipe naca noc/ie hx 3arpy3Kn; 

• Pa6oTaa c APT, BaM Heo6xoAHMO cHana/ia 3arpy3HTb cnncoK 
AOCTynHbix Ha AaHHbiPi momcht naKeTOB c noMombK) apt update; 

• Bbi MO>KeTe Ao6aBHTb naKeT b cncreMy c noMombK) apt install 
package. APT aBTOMaTHHecKH ycraHOBHT Bee Heo6xoAHMbie 
3aBHCMMOCTM; 

• Ann Toro MTo6bi yAa/ii/iTb naKeT, Hcno/ib3yPiTe apt remove package. 
Oh TaK>Ke ycTpaHHT o6paTHyio 3aBncnMOCTb naKeTa (to ecTb 
naKeTbi, KOTopbie 3aBnc^T ot naKeTa, KOTopbiPi Hy>KHO yAa/iHTb); 

• fl/ia Toro MTo6bi yAa/iHTb Bee AaHHbie cBA3aHHbie c naKeTOM, Bbi 
MO>KeTe «OHMCTMTb» naKeT c noMombK) KOMaHAbi apt purge 
package. B OT/iHHne ot npouecca yAa/ieHHfl, bto He TO/ibKO yAa/iHT 
naKeT, ho Ta o<e yAa/iHT h ero c^aPi/ibi KOHcj^HrypauHH h HHorAa 
Aa>Ke cBJi3aHHbie c hum AaHHbie no/ib30BaTe/ur 

Mbi peKOMeHAyeM pery/iapHbie o6HOB/ieHHfl f\nn ycTaHOBKH 
noc/ieAHHx o6HOB/ieHHPi 6e3onacHOCTn. HTo6bi o6HOBHTb, 
ncno/ib3yPiTe apt update, 3a KOTopbiM c/ieAyK)T apt upgrade, apt-get 
upgrade h/ih aptitude safe-upgrade. 3th KOMaHAbi rnuyT 


31 https://www.debian.0rg/sodai_contract#guideiines 
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ycTaHOB/ieHHbie naiceTbi, KOTopbie mo>kho o6HOBMTb 6e3 yuaneniAn 
KaKnx-/in6o naKeTOB. 

Ann 6onee Ba>KHbix o6HOB/ieHm/i, TaKnx KaK o6HOB/ieHi/ie ocHOBHbix 
Bepcm/i, ncnonb3yPiTe apt full-upgrade. C noMombK) 3 tom KOMaHflbi apt 
3aBepniMT o6HOB/ieHne, aawe ecrm eMy Hy>KHO yaa/iHTb HeKOTopbie 
ycTapeBiiine naiceTbi n/in ycTaHOBMTb HOBbie 3aBncnMOCTM. 3 to Taoce 
KOMaHfla, KOTopyio Bbi flon>KHbi ncnonb30BaTb f\nn pery/iflpHbix 
o6HOBneHnPi BameM cucreMbi Kali Rolling. llpocMOTpMTe Bee n/iiocbi 1/1 
MMHycbi o6HOBneHnPi, om/icam-ibix b cooTBeTCTByiomePi maBe. 

Ann npoBepKM naKeTOB Debian mo>kho ncno/ib30BaTb HecKO/ibKO 
HHCTpyMeHTOB: 

• dpkg —listfiles package (mjim -L) nepeHi/ic/ifleT cj^aPinbi, KOTopbie 
6bi/in ycTaHOBneHbi b yKa3aHHbix naiceTax. 

• dpkg --search file (h/im -S) HaxoflMT /iio6bie naKeTbi, KOTopbie 
coflep>KaT dpawn v\nv\ nyTb yica3aHHbiM b apryMeHTe. 

• dpkg --list (h/im -I) BbiBOflUT Ha aicpaH cni/icoK naKeTOB n3BecTHbix 
CMCTeM, a T3K>Ke HX CTaTyC yCT3H0BKH. 

• dpkg --contents file.deb (h/im -c) nepeHi/icrmeT Bee cjDaPinbi b 
KOHKpeTHOM .deb c|)ai/i.ne. 

• dpkg —info file.deb (h/im-I) BbiBOflMT Ha 3KpaH 3aro/iOBKi/i 
yKa3aHHoro .deb c|)ai/i.na. 

• Pa3nnMHbie apt-cache noflKOMaHflbi 6o/ibiiiyK) nacTb nHcj3opMaunn, 
xpaHJuuePica bo BHyTpeHHePi 6a3e aaHHbix APT. 

HTo6bi n36e>KaTb npe3MepHoro ncnonb30BaHna ai/icKa, Bbi AO/i>KHbi 
pery/ij^pHO copTi/ipoBaTb /var/cache/apt/archives/. 3Toro mo>kho 
ncno/ib30BaTb flBe KOMaHflbi: apt clean (m/im apt-get clean), KOTopaa 
noriHOCTbio onycTOiiiaeT KaTa/ior; apt autoclean (apt-get autoclean), 
KOTopaa yfla/uqeT TonbKO Te naKeTbi, KOTopbie 6o/ibiiie He MoryT 6biTb 
3arpy>KeHbi, t.k. ohh MCHe3/in H3 3epKa/ia, h nosTOMy flBrmKrrcfl 
6ecno/ie3HbiMM. 

Aptitude - 3to MHTepaKTHBHaa nporpaMMa, KOTopaa MO>KeT 
ncno/ib30BaTbca b nonyrpacf)HHecKOM pe>KHMe Ha kohco/ih. 3to 
Hpe3BbNaPiHO Haae>KHafl nporpaMMa, KOTopaa MO>KeT noMOHb BaM 
ycTaHOBHTb h ycrpaHMTb Heno/iaflKH b naKeTax. 

synaptic - rpacf)HHecKHM MeHeawep naKeTOB, KOTopbiPi HMeeT HHCTbiPi 
h 3cf>cf)eKTMBHbiM rpacf)i/NecKm/i i/iHTepc^ei/ic. 
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Kai< npoflBUHyTbiPi no/ib30BaTe/ib, Bbi MO>KeTe co3flaBaTb c|3aM/ibi b 
/etc/apt/apt.conf.d/ A-rm HacrpoMKi/i onpefle/ieHHbix acneKTOB APT. Bbi 
TaK>Ke MO>KeTe ynpaB/iflTb npnopnTeTaMM naiceTOB, OTc/ie>KHBaTb 
aBTOMaTMHecKM ycTaHOB/ieHHbie naiceTbi, pa6oTaTb c HecKO/ibKHMM 
AncTpn6yTHBaMn n/ 11/1 apxHTeKTypaMn OAHOBpeMeHHO, i/icno/ib30BaTb 
KpnnTorpacf)MHecKMe noAnncn A-rm npoBepKn naKeTOB m o6HOB/iflTb 
cjDaM/ibi, ncno/ib3yfl MeTOAbi, onucaHHbie b cooTBeTCTByK)Luei/i r/iaBe. 

HecMOTpa Ha Bee ycurium, npeAnpMHHMaeMbie pa3pa6oTHMKaMM Kali / 
Debian, o6HOB/ieHne cncTeMbi He BcerAa npoxoAHT TaK maAKO, KaK 
Mbi HaAeeMCjq. Ec/ii/i Bbi cmnKHy/iHCb c KaKMM-nn6o npo6/ieMaMM, Bbi 
MOweTe noceTMTb Kali bug tracker 32 hjii/i Debian bug tracking system 33 
Ha https://bugs.debian.org/packaqe A-rm npoBepKH OTneTOB o 
pemeHMH AaHHoro poAa npo6/ieMbi. Bbi TaK>Ke MO>KeTe nonbuaTbCfl 
noHH3HTb b cTaTyce naKeT hjii/i OT/iaAHTb h BOccTaHOBHTb HeyAaHHbiPi 
cueHapm/i noAAep>KKM naKeTa. 


32 http://bugs. kali.org 
33 https://bugs. debian.org 
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HacTb 9: PacumpeHHoe ncno/ib30BaHne cncie/v\bi 

Coflep>KaHMe: 

9.1 MoflMC^MUMpyeM naKeTbi Kali 

9.2 PeKOMriH/iflUHfl aflpa Linuxl 

9.3 Co3Aam/ie >KMBoro nonb30BaTe/ibCKoro ISO o6pa3a Kali 

9.4 /}o6aB/ieHi/ie PersistenceK >KHBOMy o6pa3y ISO c USB k/ikdhom 

9.5 lloABeAeM MTorn 

KrifoneBbie c/iOBa maBbi: 

• nonb30BaTe/ibCKne naiceTbi; 

• nonb30BaTenbCKoe aapo; 

• nonb30BaTe/ibCKne M3o6pa>KeHi/m; 

• live-build; 

• Persistence; 
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Kali 6bm pa3pa6oTaH KaK BbicoKOMOfly/ibHbm Hacrpai/iBaeMbiM 
(fjpeMMBOpK A/lfl TeCTMpOBaHMa Ha npOHMKHOBeHl/ie, KOTOpbIM 
no3BonjReT AOBO/ibHO npoABMHyTyio HacrpoMKy n ncno/ib30BaHne. 
HacTpoPiKa MO>KeT nponcxoAHTb Ha HecKO/ibKHx ypoBH^x, Hani/maa c 
ypoBHfl kicxoAHoro KOAa. Mctohhhkh Bcex naKeTOB Kali nsnntOTcn 
o6meAOCTynHbiMM. B btoh maBe Mbi noKaweM, KaK Bbi MO>KeTe 
M3BneKaTb naKeTbi, i/i3MeHATb hx m KaK co3AaBaTb 1/13 hhx Banin 
co6cTBeHHbie HacTpanBaeMbie naKeTbi. flAPO Linux 3ac/iy>KHBaeT 
OTAe/ibHoro BHHMaHi/m, n hmchho noaTOMy Mbi nocBATi/mn eMy ue/ibin 
pa3Aen (pa3Ae/i 9.2, "nepeKOMnn/iaui/m HApa Linux" [cTp. 232]), b 
kotopom noAPo6HO o6cy>KAaeTCfi, i~Ae mo>kho HanTn hctohhhkh, KaK 
HacTponTb c6opKy 5RApa n, HaKOHeu, KaK cKOMnnnnpoBaTb ero n KaK 
co3AaTb cBa3aHHbie c aApoM naKeTbi. 

BTopon ypoBeHb HacrpoPiKH flBrmeT co6on npouecc co3AaHi/m >KHBoro 
o6pa3a ISO. Mbi noKa>KeM BaM, k3khm o6pa30M HHCTpyMeHT live-build 
npeA-naraeT mhokcctbo pa3/ii/iHHbix npneMOB n onunn KOHc^nrypaqnn 
Ann HacTponKn nToroBoro o6pa3a ISO, BK/iiOHafl B03M0>KH0CTb 
ncnonb30BaTb no/ib30BaTe/ibCKne naKeTbi Debian BMecTO naKeTOB 
AOCTynHbix Ha 3epKa/iax. 

Mbi TaK>Ke o6cyAHM, KaK Bbi MO>KeTe co3AaTb nocTOflHHyio >Ki/iByio 
c6opKy ISO Ha USB HaKonnTe/in, KOTopbin 6yAeT coxpaHATb c^an/ibi n 
n3MeHeHn?i, BHeceHHbie Ha onepaunoHHon cncreMe Me>KAy 
nepe3arpy3KaMn. 


9.1 MoAM(|)ML^Mpyeivi naKeTbi Kali 

l/l3MeHeHne naKeTOB Kali o6bNHO nsnnejcn 3aAaHen A-rm coTpyAHnKOB 
n pa3pa6oTHHKOB Kali: ohi/i o6hob/ijrk>t naKeTbi Ha 6o/iee HOBbie 
Bepcnn, ohh HacTpanBaiOT KOHC^nrypapnK) no yMO/inaHi/iK) Ann 
nyHiuen i/iHTerpaum/i b AncTpn6yTHB, a TaK>Ke ohh pemaiOT npo6neMbi, 
yKa 3 aHHbie no.nb 30 BaTe.rmMn b noAaHHbix OTneTax 06 onin6Kax. Ho 
Bee 3to He OTpnuaeT tot cj^aKT, hto y Bac MO>KeT B 03 HHKHyTb oco6aa 
Heo6xoAHMOCTb, KOTopajR He 6bma Bbino/iHeHa oc| 3 HMna/ibHbiMn 
naKeTaMn h, b cba3h c bthm, 3 HaHne Toro, KaK MOAn<t>nui/ipoBaTb n 
n 3 MeH?iTb naKeTbi MO>KeT 6biTb oneHb no/ie 3 HbiM A-rm aac. 
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Bbi MOweTe nouHTepecoBaTbCfl, 3aneM BOo6me BaM Heo6xoflMMO 
6ecnoKOHTbcs no noBOfly naiceTOB? B KOHue kohmob, ec/in BaM 
npi/ixoflUTbCA M3MeH^Tb KaKyK)-nn6o nacTb nporpaMMHoro 
o6ecneneHHfl, Bbi Bcerfla MO>KeTe nonyHHTb ero ncxoAHbiPi koa 
(o6bNHO c noMombK) git) h 3anycTHTb H3MeHeHHyio h 
MOflHCf)HUHpOBaHHyK) BepCMK) npjqMO H3 HCXOflHOrO KOAa. 3to, 
6e3yc/iOBHO, oneHb yAo6HO, ec/in bto bo3mo>kho, h Kor^a Bbi 
ncnonb3yeTe cbokd AOMaumioK) AnpeKTopmo Ann bthx uenePi, ho ec/in 
>Ke Bame npn/io>KeHne Tpe6yeT o6mecHCTeMHoPi ycraHOBKH 
(HanpMMep, c noMombK) mara make install), to oho 3acopnT Bamy 
c^aPmoByK) cncreMy pa3/iHHHbiMH cjDaPmaMH, KOTopbie Hen3BecTHbi 
dpkg h KOTopbie b ckopom BpeMeHH co3AaAyT npo6/ieMbi, He 
pemaeMbie 3aBHCHMOcmMH naiceTOB. KpoMe Toro, c noMombK) BepHbix 
naKeTOB Bbi cMO>KeTe Ae/inTbca cbohmh n3MeHeHn^MM h c nerKOCTbio 
3anyci<aTb hx Ha MHO>KecTBe Apyr hx KOMnbKrrepoB v\nv\ >Ke o6pamaTb 
M3MeHeHHfl, ec/in ohh pa6oTaK)T He TaK, KaK BaM xoTe/iocb 6bi. 

1/lTaK, KorAa 6 bi Bbi xoTe/in n3MeHMTb naKeT? flaBaPiTe paccMOTpHM 
HecKonbKO npMMepoB. Ann Hana/ia, Mbi npeAnono>KHM, hto Bbi 
jqB/ijqeTecb yBepeHHbiM no.nb30BaTe.neM SET h Bbi 3 aMeTnnn 6 o/iee 
HOBbiPi BbinycK, ho TaK cno>KH.nocb, hto Bee pa3pa6oTHMKn Kali 3aHATbi 
Ha KOHct>epeHi 4 Hflx, a Bbi xoTHTe onpo 6 oBaTb btot HOBbiPi BbinycK KaK 
mo>kho cKopee. Bbi >Ke/iaeTe o 6 HOBHTb naKeTbi caMOCTOATe/ibHO. B 
ApyroM cnynae, Mbi npeAnono>KHM, hto Bbi BceMH cn/iaMn nbiTaeTecb 
CAe/iaTb TaK, HTo 6 bi Bama MIFARE NFC 3 apa 6 oTa/ia, h Bbi xoTHTe 
BOccTaHOBHTb «libfreefare» A-na Toro, HTo 6 bi BK/iK)HHTb OT/iaAOHHbie 
coo 6 meHna, HTo 6 bi npeAOCTaBHTb AaHHbie o asPIctbhjix Ann yKa 3 aHHfl 
hx b OTneTe 06 OLun 6 Ke, KOTopbiPi Bbi cePinac roTOBHTe. I/I b noc/ieAHeM 
c/iynae Mbi npeAnono>KHM, hto nporpaMMa "pyrit" BbiAaeT coo 6 meHne 
06 onin 6 Ke cryptic, rioc/ie noncKa b HHTepHeTe, Bbi HaxoAHTe 
HcnpaB/ieHkie b peno3HTopnn GitHub, KOTopoe mo>kct noMOHb BaM 
peniHTb B03HHKLuyK> npo 6 /ieMy, h xoTHTe n3MeHMTb naKeT c 
ncnonb30BaHneM 3Toro ncnpaB/ieHHJT 

Mbi AeTa/ibHO npoPiAeMca no BceM stum npnMepaM b cneAyromeM 
pa3Ae/ie. Mbi nonbrraeMca o6o6mnTb Hawn pa3"bflCHeHHfl t3khm 
06pa30M, HT06bl Bbi CMOr/lM JiyHLUe npHMeHJRTb HHCTpyKUHH B 
pa3nnHHbix c/iyHaflx, ho, k co>Ka/ieHHK), HeB03M0>KH0 3aTpoHyTb Bee 
CHTyaUHH, C KOTOpbIMH Bbi MO>KeTe CTO/lKHyTbCJT EC/1H Bbi 
CTO/iKHynncb c npo6neMoPi, npnMeHHTe cboh HaBbiKH A-na pa3pei±ieHHfl 
CHTyauMH h/ih nonpo6yPiTe HaPiTH peuieHne b HHTepHeTe, TaK>Ke 
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peKOMeHflyeM BaM i/icicaTb OTBeTbi Ha caMbix noflxoflJuunx c[)opyMax 
(cmotph rnaBy 6 «no/iyHeHi/ie noMomn» [cTp. 124]). 

Kaici/ie 6bi M3MeHeHi/m Bbi He xoTe/ii/i 6bi npon3BecTi/i, 06m mm npouecc 
BcerAa 6yAeT BbirrmAeTb OAHHaKOBo: no/iyni/iTb hctohhmk naiceTa, 
3anycTHTb ero, npon3BecTi/i >KenaeMbie M3MeHeHi/m, a 3aTeM co3AaTb 
naxeT. Ho A-rm i<a>KAoro wara, BcerAa cymecTByeT MHO>KecTBO 
HHCTpyMeHTOB, KOTopbie MoryT noMOHb cnpaBHTbca c 3aAaneM. Mbi 
3aTpoHy/in caMbie peneBaHTHbie m caMbie nonyrmpHbie MHCTpyMeHTbi, 
ho Ham o63op He AB/ifleTCA McnepribiBaiOLAHM. 


9.1.1 noAyneHMe mctohhmkob 

nepeAe/ibiBaHkie naiceTa Kali Hani/maeTCfl c no/iyneHi/m ero ncxoAHoro 
KOAa. HcxoAHbiM naxeT coctoht n3 HecKO/ibicnx c^aM/iOB: rnaBHbin 
c|3an.n *.dsc (Debian Source Control) coAepwnT cnncoic Bcex Apyrnx 
c^aM/iOB, KOTopbie MoryT 6biTb b cJoopMaTe *.tar. gz, bz2 f xz, i/morAa 
b *.diff.gz, n/in *. debian. tar. gz, bz2,xz. 

1/lcxoAHbie naxeTbi xpaHATca Ha 3epKa/iax Kali, KOTopbie AOCTynHbi 
nepe3 HTTP. Bbi MO>KeTe ncno/ib30BaTb 6pay3ep i\nn 3arpy3Kn Bcex 
Heo6xoAHMbix cjoan/iOB, ho caMbin npocToPi cnoco6 cAe/iaTb bto 
3aK/iK)HaeTCfi b ncno/ib30BaHi/ii/i KOMaHAbi apt source 
source_package_name. 3Ta KOMaHAa Tpe6yeT crpoHicy deb-src b 
<t>aPi.ne /etc/apt/sources.tist n o6HOB/ieHHbie nHAeicc c^an/ibi (hto 
mo>kho CAe/iaTb nyTeM Bbino/iHeHna KOMaHAbi apt update), no 
yMonnaHMK), Kali He Ao6aB.rmeT Tpe6yeMyK) crpoicy, Tax KaK HeMHorne 
no/ib30BaTenn Kali AencTBi/iTe/ibHO Aon>KHbi M3B/ieKaTb ncxoAHbie 
naiceTbi, ho Bbi MO>KeTe nerKO Ao6aBHTb nx (cm. npnMep cjoaM/ia b 
pa3Ae/ie 8.1.3, «KaIi peno3HTopni/i» [cTp. 173] n cooTBeTCTByiomne 
06 ‘bacHeHMjR b pa3Ae/ie 8.1.2 «ripaBMnbHoe noHi/iMaHne c(oaM/ia 
sources.tist» [crp. 172]). 
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$ apt source libfreefare 

Reading package lists... Done 

NOTICE: 'libfreefare' packaging is maintained in the ’Git' version control system at: 
git://anonscm.debian.org/collab-maint/libnfc.git 
Please use: 

git clone git://anonscm.debian.org/collab-maint/libnfc.git 
to retrieve the latest (possibly unreleased) updates to the package. 

Need to get 119 kB of source archives. 

Get:l http://archive-2.kali.org/kali kali-rolling/main libfreefare 0.4.0-2 (dsc) (2,090 B] 
Get:2 http://archive-2.kali.org/kali kali-rolling/main libfreefare 0.4.0-2 (tar) [113 kB] 
Get:3 http://archive-2.kali.org/kali kali-rolling/main libfreefare 0.4.0-2 (diff) [3,640 B] 
Fetched 119 kB in Is (63.4 kB/s) 


gpgv: keyblock resource '/home/rhertzog/.gnupg/trustedkeys.gpg*: file open error 
gpgv: Signature made Tue 04 Mar 2014 06:57:36 PM EST using RSA key ID 40AD1FA6 
gpgv: Can't check signature: public key not found 

dpkg-source: warning: failed to verify signature on ./libfreefare_0.4.0-2.dsc 
dpkg-source: info: extracting libfreefare in libfreefare-0.4.0 
dpkg-source: info: unpacking libfreefare_0.4.0.orig.tar.gz 
dpkg-source: info: unpacking libfreefare_0.4.0-2.debian.tar.xz 

$ cd libfreefare-0.4.0 
$ Is 


AUTHORS CMakeLists.txt COPYING HACKING m4 README 

ChangeLog configure.ac debian libfreefare Makefile.am test 


cmake contrib examples libfreefa re.pc.in NEWS TODO 
$ Is debian 

changelog copyright libfreefare-dev.install rules 
compat libfreefare0.install libfreefare-doc.install source 
control libfreefare-bin.install README.Source watch 


B 3tom npuMepe, b to BpeMA KaK Mbi no/iynH/iM ncxoflHbiPi naiceT 1/13 
3epKa/ia Kali, naiceT nsnnejcn t3kmm we, KaK n b Debian, t.k. cTpoKa 
BepcMM He coflepwHT "kali." 3to 03HanaeT, hto HHKaKMx n3MeHeHi/m, 
CBA3aHHbix c Ka/iM, He 6bmo npon3BeAeHO. 

Ec/ih BaM HywHa KOHKpeTHaa Bepcna hcxoahoto naKeTa, KOTopaa, no 
TeM v\nv\ HHbiM npi/Ni/maM, Ha AaHHbiPi MOMeHT HeAOCTynHa b 
peno3MTopnax, nepeHi/icneHHbix b /etc/apt/sources.list, to caMbiM 
npocTbiM cnoco6oM Ann 3arpy3KH 6yAeT HaPiTH URL Heo6xoAHMoro 
ct>ai/i.na .dsc nyTeM noncKa Ha http://pkq.kali.org h 3aTeM nepeAana 
3Toro URL nepe3 dget (H3 naKeTa devscripts package). 

noc/ie noncKa URL kicxoAHoro naKeTa libreefare b kali-bleeding-edge, 
Bbi MOweTe cKanaTb ero c noMombio dget. CHana/ia oho cKanaeT cjoaMn 
.dsc, 3aTeM npoaHa/in3npyeT ero, HTo6bi y3HaTb, Ha hto ccbinaiOTCJi 
Apyrkie c(paM/ibi, m 3aTeM 3arpy3MT hx m3 toto we MecTa: 
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$ dget http://http.kali.org/pool/main/libf/libfreefare/libfreefare_0.4.0+0- 
* gitl439352548.ffde4d-l.dsc 

dget: retrieving http://http.kali.org/pool/main/libf/libf reefare/libfreefare_0.4.0+0- 
** gitl439352548.ffde4d-l.dsc 

% Total % Received % Xferd Average Speed Time Time Time Current 

Dload Upload Total Spent Left Speed 

100 364 100 364 0 0 852 0 854 

100 1935 100 1935 0 0 2650 0 19948 

dget: retrieving http://http.kali.org/pool/main/libf/libfreefare/libfreefare_0.4.0+0- 
gitl439352548.ffde4d.orig.tar.gz 

[...] 

dget: retrieving http://http.kali.org/pool/main/libf/libfreefare/libfreefare_0.4.0+0- 
•» git1439352548.ffde4d-1.debian.tar.xz 
[...] 

libf reefa re_0.4.0+0-git1439352548.f fde4d-1.dsc: 

dscverify: libfreefare_0.4.0+0-git1439352548.ffde4d-l.dsc failed signature check: 

gpg: Signature made Wed Aug 12 06:14:03 2015 CEST 

gpg: using RSA key 43EF73F4BD8096DA 

gpg: Can't check signature: No public key 

Validation FAILED!! 

$ dpkg-source -x libfreefare_0.4.0+0-gitl439352548.ffde4d-l.dsc 

gpgv: Signature made Wed Aug 12 06:14:03 2015 CEST 
gpgv: using RSA key 43EF73F4BD8096DA 

gpgv: Can't check signature: No public key 

dpkg-source: warning: failed to verify signature on ./libfreefare_0.4.0+0-gitl439352548 
**■ .ffde4d-l.dsc 

dpkg-source: info: extracting libfreefare in libfreefare-0.4.0+0-gitl439352548.ffde4d 
dpkg-source: info: unpacking libfreefare_0.4.0+0-gitl439352548.ffde4d.orig.tar.gz 
dpkg-source: info: unpacking libfreefare_0.4.0+0-gitl439352548.ffde4d-l.debian.tar.xz 


Ctoht OTMeTMTb, hto dget aBTOMaTi/inecKM He M3B/ieKa/i i/icxoflHbiPi 
naiceT, noTOMy hto oh He Mor npoBepHTb noAnncb PGP b mcxoahom 
naiceTe. TaKi/iM o6pa30M, Mbi cAena/ii/i btot mar BpyHHyio c noMombK) 
dpkg- source -x dsc-file .Bbi TaioKe MO>KeTe npi/myAMTe/ibHO 
yAanMTb i/icxoAHbiM naKeT, yKa3aB napaMeTp -allow-unauthenticated 
\ah\a onpHK) -u. I/I Hao6opoT, Bbi MO>KeTe ncnonb30BaTb -download- 
only, HTo6bi nponycTMTb mar M3BneHeHMa McxoAHoro naKeTa. 


M3B/ieHeHMe MCTOMHHKa M3 Git 

Bo3mo>kho, Bbi 3aMeTM/in, hto Bbi30B apt source yKa3biBaeT BaM 
B03M0>KHblM pen03MT0pHM Git, KOTOpbIM HCnO/lb3yeTC?l A-nfl 
noAAspxcKM naKeTa. Oh MO>KeT yKa3biBaTb Ha peno3MTopnM Debian Git 
min Ha peno3MTopm/i Kali Git. 
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Bee naiceTbi, cneuMcJiMHHbie A-rm Kali, xpahmTca b peno3MTopMax Git, 
pa3MemeHHbix Ha git.kali.org 34 . Bbi M0>KeTe no/iyHMTb mctohhmkm m3 
3thx peno3MTopneB c noMombK) git clone 
git://git.kali.org/packages/source-package. Ec/im onepauMA He AaeT 
o>KMAaeMbix mctohhmkob, nonpo6yPiTe nepeK/iiOHMTbCJi Ha BeTKy kali / 
master c noMombK) git checkout kali / master. 

B OT/iMHMe ot Toro, hto Bbi no/iynaeTe c noMombK) mctohhmk3 apt, 
nojiyneHHoe AepeBO He 6yAeT aBTOMaTMHecKM npMMeHATb M3MeHeHMfl. 
3arrmHMTe b debian/patches/, HTo6bi y3HaTb o B03M0>KHbix 
M3MeHeHi/mx, BHeceHHbix Kali. 

$ git clone git://git.kali.org/packages/kali-meta 

Cloning into 'kali-meta'... 

remote: Counting objects: 760, done. 

remote: Compressing objects: 100% (614/614), done. 

remote: Total 760 (delta 279), reused 0 (delta 0) 

Receiving objects: 100% (760/760), 141.01 KiB | 0 bytes/s, 
done. 

Resolving deltas: 100% (279/279), done. 

Checking connectivity... done. 

S cd kali-meta 
$ Is 
debian 
$ Is debian 

changelog compat control copyright rules source 

Bbi MO>KeTe ncno/ib30BaTb peno3MTopnn git icaic ApyroPi cnoco6 
M3B/ieHeHi/m mctohhhkob m, cneAOBaTe/ibHO, (b 6 o/ibi±iMHCTBe 
c/iynaeB) c/ieAOBaTb ApyrMM MHCTpyKUMAM M3 3Toro pa3Ae/ia. Ho 
KorAa pa3pa6oTHMKM Kali pa6oTaK)T c btmmm peno3MTopMAMM, ohm 
Mcno/ib3yK)T ApyroPi npoqecc naKeTMpoBaHMA m Mcno/ib3yK)T 
MHCTpyMeHTbi M3 naKeTa git-buildpackage, KOTopbie Mbi 3Aecb He 
6 yAeM 3 aTparMBaTb. Bbi MOweTe y 3 HaTb 6 o/ibiue 06 btmx 
MHCTpyMeHTax 3Aecb: 

https://honk.sigxcpu.org/piki/projects/git-buildpackage/ 


34 http://git.kali.org 
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9.1.2 YCTaHOBKa 3aBMCMMOCTeM c6opKM 

Tenepb, KorAa y Bac ecTb mctohhmkm, BaM Bee paBHO hy>kho 
yCTaHOBHTb 3aBMCMMOCTM c6opKM. OHM 6yflyT Heo6xOflMMbl fl/lfl 
co3AaHna >KenaeMbix 6MHapHbix naxeTOB, ho TaK>Ke, BeponTHO, 
Heo6xOAMMbl Ann HaCTMHHblX c6opOK, KOTOpbie Bbi, B03M0>KH0, 
3axoTMTe 3anycTMTb, HTo6bi npoTecrmpoBaTb M3MeHeHnn no Mepe nx 
C03AaHMJR. 

Ka>KAbM McxoAHbm naiceT 3anBnneT cbom 3aBMCMMOCTM c6opkm b none 
Build-Depends c^anna debian/control. flaBanTe o6paTMMcn k apt Ann 
Toro, HTo6bi ycTaHOBMTb mx (npn ycnoBMn, hto Bbi HaxoAHTecb b 
AM peKTopMM, coAep>KameM pacnaKOBaHHbin ncxoAHbin naiceT): 


$ sudo apt build-dep ./ 

Note, using directory to get the build dependencies 
Reading package lists... Done 
Building dependency tree 
Reading state information... Done 
The following NEW packages will be installed: 
autoconf automake autopoint autotools-dev debhelper dh-autoreconf 
dh-strip-nondeterminism gettext intltool-debian libarchive-zip-perl 
libfile-stripnondeterminism-perl libtool po-debconf 
0 upgraded, 13 newly installed, 0 to remove and 0 not upgraded. 

Need to get 4 456 kB of archives. 

After this operation, 14,6 MB of additional disk space will be used. 
Do you want to continue? [Y/n] 

U 


B 3tom npMMepe Bee 3aBMCMMOCTM c6opKH MoryT 6biTb yAOBneTBopeHbi 
naxeTaMM, AOCTynHbiMM A-na APT. 3to MO>xeT 6biTb He BcerAa Tax, 
nocKonbKy MHCTpyMeHT kali-roll He o6ecnenMBaeT B03M0>KH0CTb 
yCT3H0BKM 3aBMCMMOCTeM c6opKM (yHMTblBaiOTCfl TOnbKO 33BMCMM0CTM 
ABOMHHbix naxeTOB). Ha npaicTnice 6MHapHbie 3aBMCMMOCTM m 
33BMCMMOCTM c6opKM Macro TecHO cBn33Hbi, m y 6onbiiiMHCTBa naiceTOB 
3aBMCMMOCTM c6opKM 6yAyT yAOBneTBopeHbi. 


9.1.3 ripOM3BOAHM M3MeHeHMB 

Mbi He MOweM 3aTpoHyTb b ashhom pa3Aene Bee B03M0>KHbie 
M3MeHeHMn, KOTOpbie Bbi 3axoTMTe npoM3BecTM c naxeTOM. 3Aecb Mbi 


294 


nocrapaeMCfl paatflcm/iTb BaM Bee Heo6xoAHMbie AeTa/ii/i 35 
naKeTupoBaHM^ Debian. OflHaKO, Mbi 3aTpoHeM Tpn caMbix 
pacnpocTpaHeHHbix cnyHaa ncno/ib30BaHHjq, KOTopbie Mbi y>Ke 
ynoMUHa/in paHee, a TaK>Ke obtacHHM HeKOTopbie H3 caMbix Ba>KHbix 
nacTePi (BpoAe noAAep>KKM c^aPi/ia changelog). 

llepBafl Bemb, KOTopyK) Heo 6 xoAHMO CAe/iaTb, bto n3Mem/iTb BepcHK) 
naKeTa TaKi/iM o6pa30M, HTo 6 bi n3MeHeHHbiPi naKeT Mor OT/ii/maTbCfl ot 
opurnHa/ibHoro naKeTa npeAOcraB/ieHHoro Kali m/im Debian. HTo 6 bi 
CAe/iaTb 3to, Mbi o 6 bNHO Ao 6 aB/iaeM cyc^c^MKc nAeHTncf)nunpyK)mnPi 
cymHOCTb- 06 'beKT (ne/iOBeKa h/ih KOMnaHmo), npi/iMeHfliOLuyK) 
M3MeHeHHfl. YMHTblBaa TOT Cj^aKT, HTO bUXy AB/lfleTCfl MOHM IRC HMKOM, 
9\ 6 yAy ncnonb30BaTb ero b KanecTBe cy^cjDUKca. TaKoe M3MeHeHne 
jiyHLue Bcero Bbino/iHATb c noMombK) KOMaHAbi dch (Debian 
CHangelog) 1/13 naKeTa devscripts, KOTopaa 6 yAeT Bbir/i^AeTb 
c/ieAyK)mnM o6pa30M dch --local buxy. 3to Bbi30BeT TeKCTOBbiPi 
peAaKTop (sensible-editor, KOTopbiPi 3anycKaeT peAaKTop, 
Ha 3 HaHeHHbiPi b nepeMeHHbix cpeA VISUAL 1/1/11/1 EDITOR, 1/1/11/1 
/usr/bin/editor), KOTopbiPi no3BO.ni/iT BaM AOKyMeHTi/ipoBaTb pa3/ii/NMfl, 
npeACTaB/ieHHbie b M3MeHeHMM. 3tot peAaKTop noKa3biBaeT, hto dch 
ASMCTBHTe/ibHO n 3 MeHM/i cj^aPm debian/changelog: 


$ head -n 1 debian/changelog 

libfreefare (0.4.0-2) unstable; urgency=low 

$ dch --local buxy 

(...] 

$ head debian/changelog 

libfreefare (0.4.0-2buxyl) UNRELEASED; urgency=medium 

* Enable --with-debug configure option. 

-- Raphael Hertzog <buxy@kali.org> Fri, 22 Apr 2016 10:36:00 -0400 
libfreefare (0.4.0-2) unstable; urgency=low 

* Update debian/copyrtight. 

Fix license to LGPL3+. 


Ec/im Bbi npon3BOAHTe noAo6Hbie i/i3MeHeHi/m AOBO/ibHO nacTO, BaM 
MO>KeT noHaAo6nTbC}^ BbicTaBMTb 3HaHeHMe nepeMeHHbix cpeA 
DEBFULLNAME h DEBEMAIL Ha Bame no/iHoe hma m Bam aApec 
3/ieKTpoHHOM noHTbi cooTBeTCTBeHHO. I/lx 3HaneHi/m 6yAyT 


35 https://www. debian.org/doc/manuals/maint-guide/ 
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l/ICn0Jlb30BaTbCfl MHOTMMM MHCTpyMeHTaMM naKeTMpOBaHMJR, BK/lK)Hafl 
dch, KOTopbie 6yflyT BCTaBrmTb mx noc/ieAHiOK) cTpoHKy, KaK noKa3aHO 
Bbiiiie (HaHHHaa c «-»). 


npMMeHeHne m o amc|di/iK a 141/1 m 

B OAHOM M3 HaLUMX C/iyHaeB MCn0/lb30BaHMfl Mbl 3arpy3MnM MCXOAHbIM 
naKeT pyrit, m Mbi xotmm npMMeHMTb MOAHcj^MKauMM, KOTopbie Mbi 
o6Hapy>KMnM b cooTBeTCTBem-iOM git peno3MTopMM. 3 to AOBO/ibHO 
pacnpocrpaHeHHafl onepauMA, m OHa BcerAa AO/i>KHa 6biTb npocToPi. K 
co>Ka/ieHMK), MOAnc|3MKaMMM MoryT o6pa6aTbiBaTbca no-pa3HOMy b 
33BMCMM0CTM ot <£opMaTa McxoAHoro naKeTa m pa6onero npouecca 
naKeTMpoBaHMjq Git (icorAa Git Mcno/ib3yeTCfl Ann noAAsp>KKM 
naKeTa). 

C HepacnaKOBaHHbiM mcxoahum naKeTOM Bbi Bbino/iHM/iM apt 
source pyrit m y Bac ecTb pyrit-0. 4.0 directory. Bbi MO>KeTe npMMeHMTb 
BaLUM M3MeHeHM3 M/1M MOAHCfJMKaqMM HanpflMyK) C nOMOLAbK) patch - 
pi < patch-file: 


$ apt source pyrit 

(...) 

$ cd pyrit-0.4.9 

S wget https://github.com/JPaulMora/Pyrit/coramit/14 

ec997174b8e8fd20d22b6a97c57el9633f12a0.patch -0 /tmp/pyrit-patch 

(...) 

$ patch -pi </tmp/pyrit-patch 
patching file cpyrit/pckttools.py 
Hunk #1 succeeded at 53 (offset -1 lines). 

$ dch --local buxy "Apply patch to work with scapy 2.3” 


Ha 3tom craAHM, Bbi BpyHHyK) MOAHcJjMUMpyeTe McxoAHbiM koa m y>Ke 
MO>KeTe co3AaBaTb ABOMHHbie naKeTbi BameM M3MeHeHHOM BepcMM 
(cmotpm pa3Aen 9.1.4 «3anycK c6opKM» [cTp. 230]). Ho ecrm Bbi 
nonpo6yeTe co3AaTb o6HOB/ieHHbiM McxoAHbiM naKeT, to npoqecc 
noTepnMT HeyAany, BbiAaBaa oniM6Ky «He3an/iaHMpoBaHHbie 
M3MeHeHMfl» ("unexpected upstream changes"). 3to nponcxoAHT M3- 
3a Toro, hto pyrit (KaK n 60/ibiunHCTBO McxoAHbix naKeTOB) 
Mcnonb3yeT mcxoahum cJjopMaT (cmotpm cjjaM/i debian/source/format), 
TaK>Ke M3BecTHbiPi KaK 3.0 (quilt), rAe M3MeHeHM?i b cooTBeTCTByiomeM 
KOAe AO/i>KHbi 3anMCbiBaTbc?i b OTAe/ibHbie naTHM (MOAn<t>MKai4MM), 
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xpai-mmi/iecfl b debian/patches/, n rAe cj^aPm debian/patches/series 
yKa 3 biBaeT nop^AOK, b kotopom AO/i>KHbi npi/iMeHATbCfl MOAn<t>nKai 4 i/m. 
Bbi MOweTe 3aperncTpnpoBaTb cboh n3MeHeHi/m b hobom naTne 
(MOAn<t>m<a 141 /m) nyTeM 3anycKa dpkg-source --commit: 


$ dpkg-source --commit 

dpkg-source: info: local changes detected, the modified files are: 
pyrit-0.4.0/cpyrit/pckttools.py 

Enter the desired patch name: fix-for-scapy-2.3.patch 

dpkg-source: info: local changes have been recorded in a new patch: pyrit-0.4.0/debian/ 
patches/fix-for-scapy-2.3.patch 
$ tail -n 1 debian/patches/series 
fix-for-scapy-2.3.patch 


Cepufl naTHefi (MOflMcjDMKaMMM) Quilt 

3 to yc/iOBHoe o6o3HaHem/ie b ccj^epe ynpaB/ieHHA naTnaMi/i nonyHn.no 
pacnpocTpaHeHMe 6naroAapn HHCTpyMeHTy noA Ha3BaHneM quilt h 
t 3 kmm o6pa30M cj^opMaT ncxoAHoro naxeTa " 3.0 (quilt)" nBnneTcn 
COBMeCTMMbIM C 3THM HHCTpyMeHTOM - C He60/lbLUMM OTK/lOHeHMeM, 
KOTopoe oho ncno/ib3yeT, a mmchho debian/patches BMecTO naTHen. 
3 tot HHCTpyMeHT AOCTyneH b naiceTe c TeM >xe HMeHeM, h Bbi MO>KeTe 
HaMTi/i xopomee pyKOBOACTBO 3Aecb: 

https://raphaelhertzoq.com/2012/08/Q8/ how- to - use-quilt-to- 
manage-patches-in-debian- packages/ 


Ecnn McxoAHbm naxeT ncno/ib3yeT 1.0 nnn 3.0 (poAHon) ncxoAHbin 
cjDopMaT, TorAa HeT hmiokoh Heo6xoAHMOCTM perncTpnpoBaTb Banin 
n3MeHeHna b OTAenbHbin naTH. Ohh aBTOMaTnnecKn co6paHbi b 
nToroBOM hcxoahom naiceTe. 

C noMOujbio Git Peno3MTopMfl Ec/in Bbi ncno/ib30Ba/in Git A-rm 
n3BneHeHna hcxoahoto naiceTa, cnTyapnsq eme c/io>KHee. CymecTByeT 
HecKO/ibKO pa6onnx npoueccoB Git n cBA3aHHbix c hhmh 
nHCTpyMeHTOB, n, oneBHAHO, hto He Bee naiceTbi Debian ncno/ib3yiOT 
oahu n Te >Ke pa6onne npoueccbi n HHCTpyMeHTbi. Pa3/inHne, paHee 
pa3"bflCHeHHoe b OTHomeHi/in hcxoahoto c^opMaTa, no-npe>KHeMy 
aKTya/ibHO, ho Bbi TaK>Ke AO/i>KHbi npoBepnTb, npnMeHniOTCfl nn 
npeAsapnTe/ibHO naTHH (MOAHc^nKaunn) b hcxoahom AepeBe, nnn ohh 
coxpaHfliOTCfl TO/ibKO b debian/patches (b btom cnynae ohh 
npUMeHJRKDTCJR bo BpeMfl co3AaHna). 
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CaMbiM nonynapHbiM MHCTpyMeHTOM aBnaeTca git-buildpackage. 3to 
tot MHCTpyMeHT, KOTopbm Mbi Mcnonb3yeM Ana ynpaBneHMa BceMM 
peno3MTopnaMM Ha git.kali.org. KorAa Bbi Mcnonb3yeTe ero, naTHM He 
npnMeHaK)Tca npeABapMTenbHO b mcxoahom AepeBe, a ohm xpaHaTca 
b debian/patches. Bbi MO>KeTe BpyHHyio Ao6aBMTb naTHM b btot 
KaTanor m nepeHMcnMTb mx b debian/patches/series, ho nonb30BaTenM 
git-buildpackage MMeiOT tchashlimk) Mcnonb30BaTb gbp pq A-rm 
peAaKTMpoBaHMa BcePi cepMM naTnePi KaK OTAenbHoPi bctkm, KOTopyK) 
Bbi MO>KeTe pacLUMpMTb MnM nepecTpoMTb no cBoeMy BKycy. llpoBepbTe 
gbp-pq(l) A-n^ Toro, HTo6bi y3HaTb, KaK ero Bbi3BaTb. 


git-dpm (c cooTBeTCTByiomePi KOMaHAoPi c t3kmm >Ke MMeHeM) 
aBnaeTca ApyrMM MHCTpyMeHTOM naKeTMpoBaHMa git, KOTopbiPi Bbi 
MO>KeTe Mcnonb30BaTb. Oh 3anMCbiBaeT MeTaAaHHbie b debian/.git- 
dpm coxpaHaeT naTHM, npMMeHaeMbie b mcxoahom AepeBe, nyTeM 
cnMflHMfl nocToaHHO nepeycTaHaBnMBaeMoPi bctkm, KOTopaa 
co3AaeTca M3 coAep>KMMoro debian/patches. 


HacTpoMKa onui/m c6opkm 

06biHHO BaM npMxoAHTca HacTpaMBaTb onqMM c6opkm, KorAa Bbi 
xoTMTe noAKniOHMTb HeKOTopbie AononHMTenbHbie c^yHKUMM MnM 
noBeAeHMe, KOTopoe He aKTMBMpoBaHO b ocjDMUManbHOM naKeTe, MnM 
>Ke KorAa Bbi xoTMTe HacTpoMTb napaMeTpbi, KOTopbie BbicTaBneHbi bo 
BpeMa co3AaHMa nepe3 ./configure MnM nepe3 nepeMeHHbie, 
ycTaHOBneHHbie b cpeAe c6opkm. 

B noAo6Hbix cnynaax, M3MeHeHMa o6biHHO orpaHMHMBaKDTca 
debian/rules, KOTopbie ynpaBnaiOT maraMM b npouecce co3AaHMa 
naKeTa. B npocTePiniMx cnynaax ctpokm, Kacaiomueca HananbHoPi 
KOHcjDMrypauMM (./configure ...) MnM cfjaKTMHecKOM c6opKM ($ (MAKE) 
... MnM make ...), AOBonbHO nerKO o6Hapy>KMTb. EcnM btm KOMaHAbi 
aBHO He Bbl3BaHbl, OHM, BepOaTHO, aBnaKDTCa no 60 HHblM BCjDCjDeKTOM 
ApyroPi aBHoPi KOMaHAbi, m b btom cnynae, nowanyMcra, o6paTMTecb k 
MX AOKyMeHTaUMM, HT 06 bl y3HaTb 6onbllie 0 TOM, KaK M3MeHMTb 
noBeAeHMe no yMonnaHMio. C naKeTaMM, Mcnonb3yK>mnMM dh, BaM 
MO>KeT noTpe6oBaTbca Ao6aBMTb nepeonpeAeneHMe A-n^ KOMaHA 
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dh_auto_configure i/irm dh_auto_build (cm. l/lx cooTBeTCTByK>mne 
CTpaHMUbi pyKOBOflCTBa Ann obtflCHeHi/m toto, KaK bto CAenaTb). 

p,nn Toro HTo6bi CAenaTb Hame pastacHeHi/ie 6onee KOHKpeTHbiM, 
AaBaPiTe npi/iMem/iM ero k OAHOMy M3 c/iynaeB, npi/iBeASHHbix HaM m b 
K anecTBe npi/iMepa. Bbi pei±ii/mi/i MOAn<t>m4npoBaTb libfreefare Ann 
Toro, HTo6bi nepeAaTb napaMeTp -enable-debug b cqeHapi/iPi 
./configure, HTo6bi Bbi momm no/iyni/iTb 6o/iee noAPo6HbiPi BbiBOA H3 
BaniMx MHCTpyMeHTOB cba3i/i c 6 /im>khmm noneM (near field 
communication (NFC)) m co3AaTb /lyniiiMM othct 06 oi±ii/i6Kax b 
OTH omeHMn BaiueM non-recognized Mifare NFC KapTbi. 

llocKO/ibKy naKeT ncno/ib3yeT dh A-rm ynpaB/ieHi/m npoqeccoM c6opKi/i, 
Bbi Ao6aBrmeTe (mjim b ashhom c/iynae MOAn<t>m4npyeTe) obteKT 
override_dh_auto_configure. Hi/i>Ke npi/iBeAeHa cooTBeTCTByiOLuafl 
nacTb U3 cjoaM/ia libfreefare debian/rules: 


override_dh_auto_configure: 

dh_auto_configure -- --without-cutter --disable-silent-rules --enable-debug 


riaKeTupoBaHMe o6hoba6hhom BepckiM 

flaBaPiTe paccMOTpi/iM npi/iMep c tohki/i 3peHi/m obcy>KAeHi/m 
naKeTupoBaHMjq obHOB/ieHHoPi Bepci/m. npeAno/io>KMM, hto Bbi 
AB/iaeTecb yBepeHHbiM no.nb30BaTe.neM SET, m Bbi obHapywi/mi/i HOByio 
BepcMK) (7.4.5), KOTopaa eme He ABrmeTCfl AOCTynHoPi b Kali (b 
KOTOpOM eCTb TO/lbKO BepCMJR 7.4.4). Bbi XOTMTe C03AaTb 
o6HOBneHHbiPi naKeT m onpo6oBaTb ero b Ae/ie. 3to nsnnejcn 
He3HaHMTe/ibHbiM BMemaTe/ibCTBOM, m Bbi He o>KMAaeTe, hto 
obHOB/ieHi/ie noTpe6yeT KaKnx-/in6o M3MeHeHnPi Ha ypoBHe 
naKeTi/ipoBaHi/m. 

p,nn Toro HTo6bi obHOBHTb i/icxoAHbiPi naKeT, Bbi M3B/ieKaeTe HOBbiPi 
McxoAHbiPi tarball p^aom c TeKymHM i/icxoAHbiM naKeTOM 1/1 Kom/ipyeTe 
KaTa/ior debian M3 TeKymero i/icxoAHoro naKeTa b HOBbiPi. 3aTeM Bbi 
ncno/ib3yeTe Bepcmo b debian/changelog. 
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$ apt source set 

Reading package lists... Done 

NOTICE: 'set' packaging is maintained in the 'Git' version control system at: 
git://git.kali.org/packages/set.git 
Please use: 

git clone git://git.kali.org/packages/set.git 

to retrieve the latest (possibly unreleased) updates to the package. 

Need to get 42.3 MB of source archives. 

[...] 

dpkg-source: warning: failed to verify signature on ./set_7.4.4-0kalil.dsc 

dpkg-source: info: extracting set in set-7.4.4 

dpkg-source: info: unpacking set_7.4.4.orig.tar.gz 

dpkg-source: info: unpacking set_7.4.4-0kalil.debian.tar.xz 

dpkg-source: info: applying edit-config-file 

dpkg-source: info: applying fix-path-interpreter.patch 

S wget https://github.eom/trustedsec/social-engineer-toolkit/archive/7.4.5.tar.gz -0 
** set_7.4.5.orig.tar.gz 

[...] 

$ tar xvf set_7.4.5.orig.tar.gz 

[...] 

social-engineer-toolkit-7.4.5/src/wireless/wifiattack.py 

$ cp -a set-7.4.4/debian social-engineer-toolkit-7.4.5/debian 
$ cd social-engineer-toolkit-7.4.5 
$ dch -v 7.4.5-0buxyl "New upstream release" 


Bot m Bee. Tenepb Bbi MOxceTe co3AaBaTb o6HOB/ieHHbm naiceT. 

B 3aBMCMM0CTM ot Ti/ma M3MeHeHMM, KOTopbie npeACTaB/ieHbi B HOBOM 
BepcMM, BaM Tai<>Ke MOxceT noTpe6oBaTbCfl n3MeHMTb 3aBMCMM0CTM 
c6opkm n 3aBncnM0CTM Heo6xoAHMbie Ann KoppeKTHOM pa6oTbi, a 
TaK>Ke ycTaHOBMTb HOBbie c^aPi/ibi. 3to AOBO/ibHO c/io>KHbie n 
o6ninpHbie onepauMM, KOTopbie, k cowanem/iK), He 3aTpoHyTbi b btom 
KHi/ire. 


9.1.4 3anycK c6opKM 

KorAa Bee Heo6xoAHMbie M3MeHeHi/m 6bmi/i npi/iMeHeHbi k i/icTOHHi/iKaM, 
Bbi MO>KeTe HanaTb reHepnpoBaTb pea/ibHbiPi ABOi/NHbiM naKeT v\nv\ 
.deb c^aPm. Becb npouecc ynpaB/iaeTCfl KOMaHAOM dpkg-buitdpackage 
command m BbirrmAHT c/ieAyKomuM o6pa30M: 
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$ dpkg-buildpackage -us -uc -b 

dpkg-buildpackage: source package libfreefare 
dpkg-buildpackage: source version 0.4.0-2buxyl 
dpkg-buildpackage: source distribution UNRELEASED 
dpkg-buildpackage: source changed by Raphael Hertzog <buxy@kali.org> 
dpkg-buildpackage: host architecture amd64 
[...1 

dh_builddeb 

dpkg-deb: building package ’libfreefare0-dbgsym' in '../libfreefare0-dbgsym_0.4.0-2buxyl_amd64.deb'. 
dpkg-deb: building package 'libfreefare0' in '../libfreefare0_0.4.0-2buxyl_amd64.deb'. 
dpkg-deb: building package 'libfreefare-dev’ in '../libfreefare-dev_0.4.0-2buxyl_amd64.deb'. 
dpkg-deb: building package ’libfreefare-bin-dbgsym' in ’../libfreefare-bin-dbgsym_0.4.0-2buxyl_amd64.deb’. 

dpkg-deb: building package 'libfreefare-bin' in '../Iibfreefare-bin_0.4.0-2buxyl_amd64.deb’. 
dpkg-deb: building package 'libfreefare-doc' in '../libfreefare-doc_0.4.0-2buxyl_all.deb’. 
dpkg-genchanges -b >../libfreefare_0.4.0-2buxyl_amd64.changes 
dpkg-genchanges: binary-only upload (no source code included) 
dpkg-source --after-build libfreefare-0.4.0 
dpkg-buildpackage: binary-only upload (no source included) 


napaMeTpbi -us -uc OTK/noHaiOT noflnnci/1 Ha HeKOTopbix 
creHepi/ipoBaHHbix cjDaPmax (.dsc, .changes), noTOMy hto 3Ta 
onepaui/m 3aBepwnTCfl HeyAanePi, ec/ii/i y Bac HeT K/nona GnuPG, 
CBJi3aHHoro c HAeHTMcj^HKaTopoM, KOTopbM Bbi noMecTH/iH b c^aPi/i 
changelog. napaMeTp -b 3anpai±iMBaeT «mnbKO ABOHHHbie c6opkh». 
B 3tom c/iynae HcxoflHbiPi naKeT (.dsc) He 6yAeT co3AaH, a BMecTO 
3Toro 6yAeT co3AaH TO/ibKO ABOHHHbiPi naKeT (.deb). l/lcno/ib3yPiTe 3Ty 
onuMK) A/iJi toto, HTo6bi M36e>KaTb HeyAan bo BpeMA co3AaHMfl 
McxoAHoro naKeTa: ecrm Bbi He 3annca/in Banin n3MeHeHHjq AO/i>KHbiM 
o6pa30M b cncTeMe ynpaB/ieHi/m BHeceHna n3MeHeHnn (patch 
management system), OHa MO>KeT wa/iOBaTbca n npepbiBaTb npouecc 
c6opKn. 

KaK 6bmo npeA/io>KeHO coo6meHHAMn dpkg-deb, co3AaHHbie 
ABonHHbie naKeTbi Tenepb AOCTynHbi b poAHTe/ibCKoPi AnpeKTopnn (b 
toPI, KOTopoPi HaxoAHTcsi AnpeKTopnn hcxoahoto naKeTa). Bbi MO>KeTe 
ycTaHOBnTb nx c noMombio KOMaHA dpkg -i n/in apt install. 


$ sudo apt install ../Iibfreefare0_0.4.0-2buxyl_amd64.deb \ 

../libfreefare-bin_0.4.0-2buxyl_amd64.deb 

Reading package lists... Done 
Building dependency tree 
Reading state information... Done 

Note, selecting 'libfreefareQ' instead of '../Iibfreefare0_0.4.0-2buxyl_amd64.deb' 

Note, selecting 'libfreefare-bin' instead of '../Iibfreefare-bin_0.4.0-2buxyl_amd64.deb’ 
The following packages will be upgraded: 
libfreefare-bin libfreefare© 

2 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 

Need to get 0 B/69,4 kB of archives. 

After this operation, 2 048 B of additional disk space will be used. 

[...] 
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Mbi npeAnoHMTaeM ncno/ib30BaTb apt install BMecTO dpkg -i, 
nocKonbKy OHa oneHb tohko pa6oTaeT c OTcyTCTByK)mnMM 
3aBMCMMOCTflMM. Ho He TaK flaBHO, BaM npnxoAnnocb pa6oTaTb c dpkg, 
t.k. apt He Morna pa6oTaTb c c^ai/maMM .deb 3a npeAe/iaMM /iK)6oro 
peno3MTopn?i. 


yna»<OBU4HK dpkg-buildpackage wrappers 

B Hawe BpeMA pa3pa6oTHMKM Debian name Bcero ncno/ib3yK)T 
nporpaMMy 6o/iee Bbicoicoro ypoBHA, TaxyK) KaK debuild; 

OHa, KaK o 6 bNHO, 3anycKaeT dpkg-buildpackage, ho OHa TaK>Ke 
Ao 6 aB/iaeT Bbi30B nporpaMMbi, KOTopaa 3anycKaeT MHO>KecTBO 
npoBepoK A-n^ noATBep>KA 6 HMfl cooTBeTCTBMfl creHepnpoBaHHoro 
naKeTa no/iMTMKe Debian 36 . 3 tot cKpi/inT Tao<e onmuaeT cpeAy, 
HTo 6 bi /lOKa/ibHbie nepeMeHHbie cpeAbi He 3arpfl3Hfl/iM c 6 opKy naKeTa. 
KoMaHAa debuild AB/ifleTca oahmm m 3 MHcrpyMeHTOB b naKeTe 
devscripts, KOTopbiPi MMeeT onpeAe/ieHHyK) comacoBaHHOCTb m 
KOH cfjMrypaMMK), HTo 6 bi 06 /ierHMTb 3aAany cneuMa/iMcraM no 
noAAep>KKe. 


9.2 llepeKOMnM/im^km a^pa Linux 

flApa, npeAOCTaB/ieHHbie Kali, BK/iKDHaKJT b ce6a MaKCMMa/ibHO 
B03M0>KH0e KO/lMHeCTBO CjoyHKUMM, a T3 K>Ke MaKCMMa/lbHOe 
KO/iMHecTBO ApaPiBepoB, HTo6bi oxBaTMTb caMbiM LUHpoKMM cneKTp 
cymecTByK)mnx annapaTHbix KOHc^MrypauMPi. Bot noneMy HeKOTopbie 
no/ib30BaTe/in npeAnoHi/ua kdt nepeKOMnnnnpoBaTb aapo, HTo6bi 
BKJIKDHHTb TO/lbKO TO, HTO MM Hy>KHO. 3T0r0 eCTb ABe npMHMHbl. 

Bo-nepBbix, bto cnoco6 onTMMM3auMM noTpe6/ieHMfl naMATM, 
nocKonbKy Becb koa ^Apa, Aa>Ke ec/iM oh HMKorAa He Mcno/ib3yeTCfl, 
33HMMaeT C|DM3MHeCKyK) naMflTb. riOCKO/lbKy CTaTMHeCKM 
CKOMnM/iMpoBaHHbie nacTM 9\f \pa HMKorAa He nepeMemaKDTca b MecTO 
noAKaHKM, o6mee cHM>KeHMe npoM3BOAMTe/ibHOCTM cMCTeMbi 6yAeT 

Bbl3BaHO C03AaHMeM APaMBepOB M BCTpoeHHbIX Cj^yHKUMM, KOTOpbie 
HMKorAa He Mcno/ib3yK)TCfl. Bo-BTopbix, coKpameHMe KO/iMnecTBa 
ApaPiBepoB m cfjyHKMMM ^Apa cHM>KaeT pmck npo6/ieM c 


36 https://www.debian.org/doc/debian- policy/ 
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6e3onacHOCTbK), nocKO/ibicy Bbino/iHfleTCfl TO/ibKO nacTb AOCTyrmoro 
KOfla RApa. 

9TO B3>KHO 3HaTb 

/r\ Ec/im Bbi peniMTe cKOMnn/inpoBaTb co6cTBeHHoe aapo, Bbi 
V/ 1 flo.n>KHbi npMHfiTb c/ieAyK)inne yc/iOBi/m: Kali He MO>KeT 
o6ecneHMTb o6HOB/ieHi/m 6e3onacHOCTM A-rm Bamero 
no/ib30BaTe/ibCKoro aa pa, T.e. ^Apa, KOTopoe Bbi cKOMnnnnpoBa/in 
noA cbom Hy>KAbi. CoxpaHfla rapo, npeAOCTaB/ieHHoe Kali, Bbi 
no/iynaeTe npei/iMymecTBa ot o6HOB/ieHMM, noAroTOB/ieHHbix 
npoeKTOM Debian. 

nepeKOMni/irmui/m aa pa, Ta K>Ke Heo6xoAHMa, ecni/i Bbi xoTMTe 
ncnonb30BaTb onpeAe/ieHHbie cBOMCTBa, KOTopbie TO/ibKO AOCTynHbi b 
KanecTBe naTHen (KOTopbie He BK/noneHbi b cTaHAapTHyio Bepcmo 
RApa). 


CnpaBOHHMK pa Debian (Debian Kernel Handbook) 

KoMaHAa Debian noAAepwi/iBaeT cnpaBOHHmc AApa Debian ( Debian 
Kernel Handbook (TaK>Ke AOCTynHbiPi b naiceTe debian-kernel- 
handbook )) c o6lumphom AOKyMeHTaqi/iei/i o 60/1 bin i/mcTBe cBA3aHHbix 
C flAPOM 3aAaHH?1X M O TOM, K3KMM o6pa30M 06pa6aTblBaK)TCfl 
ocj^MUMa/ibHbie naKeTbi AApa Debian. 3 to to MecTO, k KOTopoMy BaM 
c/ieAyeT o6pamaTbCfl b nepByio onepeAb, ecrm BaM Hy>KHO no/iyni/iTb 
6o/ibiiie MHcJ^opMauHM, neM 6bmo npeAOCTaB/ieHO b btom pa3Ae/ie. 
http://kernet-handbook.atioth.debian.org 


9.2.1 BBeA,eHne m Heo6xoA,wvibie 3HaHMfl 

HeyAHBHTe/ibHO, hto Debian h Kali ynpaB/iaiOT aapom b cjoopMe 
naKeTa, KOTopbiPi TpaAHUMOHHO He KOMm/mi/ipyeTCfl m He 
ycTaHaBnHBaeTca. nocKO/ibKy bapo ocraeTca noA KOHTpo/ieM ci/icreMbi 
naiceTMpoBaHMfl, oho MO>KeT 3aTeM 6biTb hmcto yAaneHO m/im 
pa3BepHyT0 Ha HecKO/ibKMx Mawi/max. KpoMe Toro, cicpi/inTbi, 
CBfl3aHHbie C 3TMMM naKeTaMM, aBT0MaTM3MpyK)T B3aMM0ASMCTBHe c 
Hana/ibHbiM 3arpy3HMK0M m initrd reHepaTopoM. 
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B McxoAHbix Linux-MCTOHHMKax coAep>KMTCJR Bee Heo6xoAHMoe A-n^ 
co3AaHi/m naKeTa aa pa Debian, ho BaM Bee paBHO hy>kho ycTaHOBHTb 
naKeT build-essential , HTo6bi y6eAHTbca, hto y Bac ecTb 
MHCTpyMeHTbi, Heo6xoAHMbie A-rm c6opKn naKeTa Debian. KpoMe Toro, 
3Tan KOHcj3nrypaunM aa pa Tpe6yeT naKeT Iibncurses5-dev. \A HaKOHeu, 
naKeT fakeroot no3BO/inT co3AaTb naKeT Debian 6e3 KaKnx-rm6o 
aAMMHMCTpaTMBHbix npnBi/merm/i. 


# apt install build-essential libncurses5-dev fakeroot 


9.2.2 noAyneHMe mctohhmkob 

nocKO/ibKy McxoAHbie cj^aM/ibi 9 \ f \ pa Linux AOCTynHbi b bhag naKeTa, 
Bbi MO>KeTe i/i3B/ieHb hx c noMombK) ycTaHOBKM Unux-source-version 
package. KoMaHAa apt-cache search ~linux-source AO/i>KHa noKa3aTb 
nocneAHKDK) BepcMK) flApa naKeTnpoBaHHyK) Kali. 06paTHTe 
BHHMaHkie, hto i/icxoAHbin koa, KOTopbin coAepwnTCfl b 3T mx naKeTax 
He cooTBeTCTByeT TOMy, KOTopbin 6bm ony6nnKOBaH Jli/mycoM 
TopBanbACOM (Linus Torvalds) n pa3pa6oTHMKaMn ^Apa 37 ; KaK n Bee 
AncTpn6yTHBbi Debian n Kali npnMeHaeT onpeAe/ieHHoe KO/innecTBO 
McnpaB/ieHMH, KOTopbie MoryT (nnn He MoryT) HanTn cbom nyTb b 
o6HOB/ieHHyK) BepcMK) Linux. 3th n3MeHeHi/m BK/iK)HaK)T b ce6a 
pe3epBHbie Koni/in ncnpaB/ieHnn/cJ^yHKunn/ApanBepoB 1/13 6o/iee 
HOBbix BepcHM 5 \ r pa, HOBbie cj^yHKMMM, KOTopbie eme He 6bmn 
no/iHOCTbK) o6"beAHHeHbi b cooTBeTCTByK>mee AepeBO Linux, a nHorAa 
Aa>Ke oco6bie n3MeHeHna Debian n/in Kali. 

OcTaBLuaacfl nacTb AaHHoro pa3Aena 6yAeT cocpeAOToneHa Ha Bepcnn 
9 \ f \ pa Linux 4.9, ho AaHHbiPi npnMep, 6e3yc/iOBHO, MO>KeT 6biTb 
aAanTMpoBaH k KOHKpeTHon Bepcnn aa pa, KOTopaa Bac MHTepecyeT. 

B ashhom npHMepe, Mbi npeAno/io>KHM, hto ABonHHbiPi naKeT linux- 
source-4.9 6bm ycTaHOB/ieH. 06paTi/rre BHHMaHHe, hto Mbi 
ycTaHaBnMBaeM ABOHHHbiM naKeT, KOTopbiPi coAep>KHT ncxoAHbie 
hctohhhkh, ho He n3B/ieKaeT McxoAHbiM naKeT Kali noA Ha3BaHneM 
linux. 


37 https://kernel.org/ 
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# apt install linux-source-4.9 

Reading package lists... Done 

Building dependency tree 

Reading state information... Done 

The following additional packages will be installed: 

be libreadline7 
Suggested packages: 

libneurses-dev | ncurses-dev libqt4-dev 
The following NEW packages will be installed: 

be libreadline7 linux-source-4.9 
0 upgraded, 3 newly installed, 0 to remove and 0 not upgraded. 

Need to get 95.4 MB of archives. 

After this operation, 95.8 MB of additional disk space will be used. 

Do you want to continue? [Y/n] y 

[...] 

# Is /usr/src 

linux-config-4.9 linux-patch-4.9-rt.patch.xz linux-source-4.9.tar.xz 


06paTMTe BHUMaHne, hto naiceT coa6P>kmt /usr/src/linux- source- 
4.9.tar.xz, oxaTbiM apxuB mctohhhkob aa pa. Bbi AO/i>KHbi M3B/ieHb btm 
ctoaM/ibi b HOByK) AnpeKTopuK) (He HanpjRMyK) b / usr / sre /, Tax KaK 
HeT Heo6xoAHMOCTM b cneui/ia/ibHbix pa3pei±ieHi/mx i\ns\ KOMni/irmum/i 
na pa Linux). Bmccto 3tom, 6onee noAxoAflinePi AnpeKTopi/iei/i 6yAeT - 
/kernel/ 


$ mkdir -/kernel; cd -/kernel 
$ tar -xaf /usr/src/linux-source-4.9.tar.xz 


9.2.3 HacrpoMKa fl^pa 

C^eAyKDLAHM mar COCTOMT B HaCTpOMKe 5\a pa B COOTBeTCTBMM C BaLLIMMM 
noTpe6HOCT?iMM. ToHHaa npoueAypa 3aBncnT ot uenePi, KOTopbie Bbi 
npecneAyeTe. 

C6opKa 9 \ f \ pa 3aBncnT ot c^auna KOHcjDMrypaum/i aa pa. B 6o/ibi±mHCTBe 
c/iynaeB Bbi, cicopee Bcero, 6yAeTe MaKci/iMa/ibHO npi/iAep>KMBaTbCfl 
npeA/io>KeHHOM Kali Bepci/m, KOTopaa, KaK 1/1 Bee AncTpn6yTi/iBbi Linux, 
ycraHaB/iMBaeTCfl b KaTa/ior/boot. B btom cnynae BMecTO toto, HTo6bi 
HacTpaMBaTb Bee c Hyrm, AOCTaTOHHO CAenaTb Konmo c|3ai/i.na 
/boot/config- version. (Bepci/m AO/i>KHa coBnaAaTb c BepckiePi aa pa 
i/icno/ib3yeMoPi Ha AaHHbiPi MOMeHT, KOTopyio mo>kho nav \ jv \ c noMombio 
KOMaHAbi uname -r.) noMecn/iTe Konmo b c^aPm .config b KaTanor, 
coAep>KamHM mctohhhkm aa pa. 
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$ cp /boot/config-4.9.0-kalil-amd64 -/kernel/linux-source-4.9/.config 


B KanecTBe a/ibTepHaTMBbi, nocKO/ibKy aapo npeAOCTaB/ifleT 
KOHct>nrypaunn no yMO/inaHUK) b arch/arch/configs /* _ defconfig, Bbi 
MO>KeTe pa3MecTMTb Bbi6paHHyK) KOHcJ^nrypauMK) c noMombK) KOMaHAbi 
make x86_64_defconfig (b cnynae 64-pa3pnAHoro nK) m/im make 
i386_defconfig (b c/iynaM 32-pa3pRAHoro nK). 

Ec/ii/i BaM He Hy>KHO M3MeHATb KOHcj^HrypauHK), Bbi MO>KeTe 
ocTaHOBHTbejq 3Aecb h cpa3y nepeMTM k pa3Ae/iy 9.2.4 "KoMnMrmuMfl 
h co3AaHne naKeTa" [cTp. 235]. Ec/im we BaM Heo6xoAHMO BHecTM 
n3MeHeHna m/im ec/iM Bbi peuiMTe nepeHacrpoMTb Bee c Hyrm, Bbi 
AonwHbi yAe/iMTb AOCTaTOHHoe KO/iMnecTBO BpeMeHM Ha HacrpoPiKy 
CBoero J^Apa. B mcxoahom KaTa/iore aa pa ecTb pa3/iMHHbie 
BbiAeneHHbie MHTepcJoeMCbi, KOTopbie mowho Mcno/ib30BaTb, Bbi3biBaa 
KOMaHAy make target, i~Ae target nBnnejcn oahmm H3 3HaneHMM, 
onncaHHbix Hkiwe. 

make menuconfig KOMnnnnpyeT m 3anycKaeT TeiccTOBbiM pewMM 
HHTepc^ePica KOHc}3Mrypai4MM HApa (3Aecb Tpe6yeTCjR naiceT 
Hbncurses5-dev ), KOTopbiM no3BO/ifleT nepeMemaTb MHOwecTBO 
AOCTynHbix napaMeTpoB aa pa b MepapxMnecicyK) CTpyKTypy. HawaTMe 
K/iaBmuM «npo6e/i» n3MeHJieT 3HaneHMe Bbi6paHHoro napaMeTpa, a 
«Bboa» noATBepwAaeT npaBM/ibHOCTb KHonicM, Bbi6paHHyK) b HMWHePi 
nacTM aicpaHa; Select B03BpamaeT Bbi6paHHoe noAMeHio; BbixoA 
(Exit) 3aKpbiBaeT TeKymMM aicpaH m B03BpamaeTca b MepapxMio; 
CnpaBKa (Help) 6yAeT OTo6pa>KaTb 6o/iee noApo6Hyio MHcjDopMauMK) o 
po/iM Bbi6paHHoro BapMaHTa. K/iaBMLUM co crpe/iKaMH no3BormK)T 
nepeMemaTbca no cnHCKy onqMi/i h KHonoic. HTo6bi BbiMTM m3 
nporpaMMbi HacrpoPiKM, Bbi6epnTe «BbixoA» M3 maBHoro MeHio. 3aTeM 
nporpaMMa npeA-naraeT coxpaHMTb cAe/iaHHbie BaMH n3MeHeHHjq; 
npi/iHMMaMTe, ec/iM Bbi yAOB/ieTBopeHbi cbommm Bbi6opaMM m xoTi/ue 
COXpaHHTb MX. 

flpyme MHTepcjDeMCbi o6naAaK)T noxowMMM c^yHKUMflMM, ho ohm 
pa6oTaK)T b 6o/iee coBpeMeHHbix rpacj^MHecKMx MHTepc^eMcax, tbkmx 
KaK make xconfig, KOTopbiM Mcno/ib3yeT rpacfjMHecKMM MHTepcj^eMC Qt 
m make gconfig, KOTopbiM Mcno/ib3yeT GTK +. nepBbiM Tpe6yeT Ubqt4- 
dev, a nocneAHMM 33bmcmt ot \ibg\ade2-dev m Iibgtk2.0-dev. 
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Pa6oTa c ycrapeBiuuMM .config 4>aM/iaMM 

Korfla Bbi npeAOCTaB/ijReTe cJoaPm .config, KOTopbiPi 6bm creHepnpoBaH 
c ApyroPi (o6bNHO 6o/iee CTapoPi) Bepci/iePi aa pa, BaM npi/iAeTca 
o6HOBMTb ero. Bbi MO>KeTe CAe/iaTb bto c noMombK) make oldconfig, 
KOTopbiPi 6yAeT m-uepaKTi/iBHO 3aAaBaTb BaM Bonpocbi, 
COOTBeTCTByKDLUHe HOBbIM HaCTpOMIOM KOHC^MrypaMMM. Ec/IM Bbi 
xoTMTe ncno/ib30BaTb OTBeT no yMO/iHam/iK) A-ns Bcex btux BonpocoB, 
Bbi MO>KeTe ncnojib30BaTb make olddefconfig. Ecni/i Bbi ncnojib3yeTe 
make oldnoconfig, to oh 6yAeT npMHMMaTb OTpi/iuaTe/ibHbiPi otbct Ha 
Bee Bonpocbi. 


9.2.1.KoMnnnai4Hfi n co3AaHne naxeTa 


OnMCTKa nepefl BHecetmeM M3MeHeHnn 

Ec/11/1 Bbi y>xe cKOMnnnnpoBann aa po b AnpeKTopm/i m xoTi/me 
nepecTpoMTb Bee c Hy/ia (HanpuMep, M 3 - 3 a Toro, hto Bbi cymecTBeHHO 
M 3 MeHM/in KOHcJoi/irypaum/i aa pa), to BaM Heo6xoAHMO 6yAeT 
3 anycTMTb make clean A-rm toto, HTo6bi yAa/iMTb cKOMnn.nl/ipoBaHHbie 
cJoaPi/ibi, make distclean yAarmeT Aa>Ke 60/ibiiie creHepupoBaHHbix 
cJoaPi/iOB, BK/iKDHaji .config cJoaPi/i, Tax hto y6eAHTecb, hto Bbi 
npeABapnTe/ibHO CAe/ia/iM pe 3 epBHyio Konmo. 


Kax TO/ibKO KOHcfji/irypaMMM ^Apa 6yAyT roTOBbi, npocraa KOMaHAa 
make deb-pkg creHepi/ipyeT oko/io h 9\ t\a naxeTOB Debian b 
CT aHAapTHOM cJoopMaTe .deb: imux-image-version, KOTopbiPi coAepwnT 
o6pa3 aApa m CB?i3aHHbie c hum MOAy/in; Unux-headers-version, 
KOTopbiPi coAep>KMT cjoaPi/ibi 3aro/iOBKOB, Heo6xoAHMbie A-rm co3AaHi/ia 
BHenmero MOAy.rm; Unux-firmware-image-version, KOTopbm 
coAep>KMT cjoaPi/ibi npoi±inBKi/i, Heo6xoAHMbie A-rm KoppeKTHoPi pa6oTbi 
HexoTopbix ApaPiBepoB (btot naxeT MOweT OTcyTCTBOBaTb b tom 
c/iynae, ec/ii/i Bbi Bbino/iHfleTe co3AaHne M3 hctohhhkob 
npeAOCTaB/ieHHbix Debian m/im Kali); linux-image-version-dbg, 
KOTopbiPi coAep>KMT cMMBO/ibi OT/iaAKM A-rm o6pa3a fiApa m ero 
MOAy/iePi; m linux-libc-dev, KOTopbiPi coAep>KHT 3aronoBKi/i, 
OTHOCfuunecfi k HexoTopbiM 6n6/inoTeKaM no/ib30BaTe/ibCKoro 
npocTpaHCTBa BpoAe 6n6/inoTeKM GNU's C library (glibc). 
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IlyHKT version onpeAermeTca cBfl3bio c cooTBeTCTByK>i±ieM Bepcuei/i 
(KaK 3T0 onpefleneHO nepeMem-iOM VERSION, PATCHLEVEL, 
SUBLEVEL, m EXTRAVERSION b Makefile) KOHcjoMrypauMOHHoro 
napaMeTpa LOCALVERSION, m nepeMeHHOM cpeAbi LOCALVERSION. 

Bepci/m naKeTa noBTopHO ncno/ib3yeT Ty we crpoicy BepcMM c 
Ao6aB/ieHHOM peBM3nePi, KOTopaa peryrmpHO yBe/iMHMBaeTca (m 
coxpai-meTCfl b .version), 3a MCK/uoHeHMeM c/iynaeB, KorAa Bbi 
nepeonpeAe/iaeTe ee c noMombK) nepeMeHHOM cpeAbi 
KDEB PKGVERSION. 


S make deb-pkg LOCALVERSION=-custom KDEB_PKGVERSION=$(make kernelversion)-1 

[...] 

$ Is . ./*.deb 

../linux-headers-4.9.0-kalil-custom_4.9.2-l_amd64.deb 
../linux-image-4.9.0-kalil-custom_4.9.2-l_amd64.deb 
../linux-image-4.9.0-kalil-custom-dbg_4.9.2-l_amd64.deb 
../linux-libc-dev 4.9.2-1 amd64.deb 


p,r\9\ toto HTo6bi, HaKOHeu, ncno/ib30BaTb co3AaHHoe aa po, 
noc/ieAHMM LuaroM, KOTopbiM Heo6xoAHMO npoAe/iaTb nBnnejcn 
ycraHOBKa Tpe6yeMbix naxeTOB c noMombK) dpkg -i file.deb. BaM 
noTpe6yeTCjq naiceT "linux-image"; Taxwe BaM HywHO 6yAeT 
ycTaHOBHTb naxeT "linux-headers" ec/iM BaM Heo6xoAHMO 6yAeT 
C03AaTb HeKOTOpbie BHeLUHMe MOAy/lH, HTO 06 bNH 0 npOMCXOAHT, 
KorAa y Bac ycTaHOB/ieHbi HeKOTOpbie "*-dkms" naxeTbi (bto nerKO 
npoBepMTb c noMombK) dpkg -I "*-dkms" | grep ~ii). B 6o/ibi±iMHCTBe 
cnynaeB BaM He noHaAo6flTc?i HHKaKMe ApyrHe naxeTbi (flo Tex nop, 
noica Bbi neTKO He 6yAeTe yBepeHbi b tom, hto ohm BaM AeMCTBMTe/ibHO 
noHaAo65RTCJRl). 


9.3 Co3AaHkie >KMBoro no/ib30BaTe/ibCKoro Kali ISO o6pa3a 

Kali Linux no yMonnaHMK) 06/iaAaeT o6lumphom c^yHKUMOHa/ibHOCTbK) 
m AOCTaTOHHO BbicoKoPi cTeneHbK) tm6koctm. Kax TO/ibKO Kali 6yAeT 
ycTaHOB/ieH, Bbi cMOweTe Bbino/iHATb BceB 03 M 0 >KHbie yAMBMTe/ibHbie 
Benin co BceM BaniMM TBopnecTBOM, TepneHMeM m npaKTMKOM. OAHaKO 
Bbi MOweTe Taxwe HacTpoMTb c6opKy Kali Tax, HTo6bi OHa coAepwa/ia 
onpeAe/ieHHbie cJoaM/ibi m/im naxeTbi (HTo6bi yBe/iMHMTb m/im 
yMeHbniMTb npoM 3 BOAHTenbHOCTb m KormnecTBO npeAOCTaBnaeMbix 
cj^yHKLiMM) m Morna Bbino/iH 5 iTb onpeAe/ieHHbie cjoyHKUMM 
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aBTOMaTunecKM. Hanpi/iMep, Kali ISO of Doom 38 m Kali Evil Wireless 
Access Point 39 nBnntojcn npeKpacHbiMi/i npoeKTaMi/i, ocHOBaHHbiMM Ha 
MHflMBMAya/ibHOM pea/ii/i3aunn Kali Linux. flaBaPue nocMOTpi/iM Ha 
npouecc co3AaHi/m nonb30BaTe/ibCKoro o6pa3a ISO Kali Linux. 

Oct>Mi 4 na/ibHbie o6pa3bi ISO Kali nocTpoeHbi c noMombK) live-build 40 , 
KOTopbM npeACTaBrmeT co6om Ha6op cueHapMeB, KOTopbiPi 
no3BormeT no/iHOCTbK) aBTOMaTM3npoBaTb m Hacrpoi/iTb Bee acneKTbi 
co3AaHna o6pa3a ISO. live-build suite i/icno/ib3yeT bckd CTpyKTypy 
KaTa/ioroB b KanecTBe BxoAHbix AaHHbix A-rm ero KOHcj3nrypaunn. Mbi 
coxpaHaeM 3Ty KOHc^MrypauMK) 1/1 HeKOTopbie cB?i3aHHbie c Hen 
BcnoMoraTe/ibHbie cKpi/mTbi b peno3MTopnn live-build-config Git. Mbi 
6yAeM ncno/ib30BaTb 3 tot peno3i/iTopm/i b KanecTBe ocHOBbi A-rm 
co3AaHMjR MHAHBHAya/ibHbix nonb30BaTenbCKMx o6pa30B. 


9.3.1 YdaHOBKa HeoSxOAMMbIX KOMnOHeHTOB 

llepBbiM mar 3aK.moHaeTCfl b tom, HTo6bi ycraHOBMTb naKeTbi, KOTopbie 
Heo6xoAHMbi A-rm M3B/ieHeHi/m Git peno3MTopi/m c KOHcJoi/irypauMeM Kali 
live-build: 


# apt install curl git live-build 

[...] 

# git clone git://git.kali.org/live-build-config.git 

[...] 

# cd live-build-config 

# Is 

auto build_all.sh build.sh kali-config README 


Ha 3tom CTaAHH Bbi y>xe MO>KeTe co3AaTb o6HOB/ieHHbiM (ho He 
MOAn<t>nunpoBaHHbiPi) o6pa3 Kali ISO npocTO nyTeM Bbino/iHeHHjR 
./build. sh --verbose, npouecc co3AaHi/m 3aPiMeT AOBO/ibHO MHoro 
BpeMeHM, t.k. oh cHana/ia cKanaeT Bee naKeTbi A-rm BK/noneHi/m hx b 
3tot npouecc. noc/ie 3aBepi±ieHMfl btoto npouecca, Bbi HaPiAeTe 
HOBbiM o6pa3 ISO b AnpeKTopnn images. 


38 https://www. offensive-security.com/kali-linux/kali-linux-iso-of-doom 
39 https://www.offensive-security.com/kali-linux/kali-linux-evil-wireless-access- point/ 
40 http://debian-live.alioth.debian.org/live-build/ 


309 



9.3.2 Cos^aHne >Ki/iBbix o6pa30B c ncno/ib30BaHne/vi pa3/iMHHbix 
cpeA pa6onero CTO/ia 

06o/iOHKa buitd.sh live-build, KOTopyK) Mbi npeflOCTaB/iaeM, nBnnejcn 
OTBeTCTBeHHOM 3a HaCTpOMKy flO/DKHblM 06pa30M flMpeKTOpUM config, 
KOTopyK) paccHMTbiBaeT HaMTi/i live-build. OHa MO>xeT co3flaBaTb 
pa3/iMHHbie KOHcf)Mrypau,m/i b 3aBucuMOCTM ot ee 3HaHeHMM 
yKa3aHHbix b —variant option (Bapi/iaHT onui/m). 

06onoHKa co3flaeT config AnpeKTopi/iK) nyTeM coeAmneHHfi cjDaM/iOB M3 
kali-config/common u kali-config/variant-X, rAe X bto mmjr BapuaHTa, 
3aAaHHoro b napaMeTpe variant. KorAa onui/m KOHKpeTHO He 3aAaHa, 
OHa Mcno/ib3yeT default b KanecTBe HMeHi/i Bapi/iaHTa 

flnpeKTopn}q kali-config coagp>kmt AnpeKTopm/i A-na caMbix 
pacnpocTpaHeHHbix cpeA pa6onero CTO/ia. 

• el7 A-n^ Enlightenment; 

• gnome A-rm GNOME; 

• i3wm A-n^ cooTBeTCTBytomero MeHeA>xepa ynpaB/ieHi/m OKHaMH; 

• kde A-n^ KDE; 

• Ixde A-n^ LXDE; 

• mate A-rm cpeAbi pa6onero cmria Mate (Mate Desktop 
Environment); 

• xfce A-rm XFCE. 

Bapi/iaHT light AB-rmeTca HeMHoro oco6eHHbiM; oh ocHOBaH Ha XFCE 41 
m ncno/ib3yeTCB A-rm co3AaHi/m ocj^MUMa/ibHoro "light" ISO o6pa3a, 
KOTopbiM coAep>KMT coKpamsHHbiM Ha6op npn/io>KeHm/i. 

Bbi MO>xeTe c /lericocTbK) co3AaTb Kali >kmbom o6pa3, ncno/ib3yB KDE b 
KanecTBe cpeAbi pa6onero CTO/ia c noMombK) oahhohhom KOMaHAbi: 


# ./build.sh --variant kde --verbose 


3Ta KOHuenui/m Bapi/iaHTa ( variant ) AonycicaeT HeKOTopbie 
npeAonpeAe/ieHHbie HacrpoMKM Bbicoxoro ypoBHA, ho ecrm Bbi 


41 https://www.xfce.org/ 
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noTpaTi/ue BpeMA Ha 03HaK0MneHne c pykoboactbom >kmbom cMcreMbi 
Debian (Debian Live System Manual 42 ), Bbi o6Hapy>KMTe MHO>KecTBO 
Apyr mx cnoco6oB A-nfl HacrpoMKM o6pa30B, npocTO M3MeHHB 
coAep>KaHMe cooTBeTCTByK)meM noAKaTeropMM kali-config. B 
c/ieAyKDmux pa3Ae/iax npMBeAeHbi HeKOTopbie npHMepbi. 


9.3.3 1/13/vieHeHMe Ha6opa yciaHOBAeHHbix naKeTOB 

nocne 3anyci<a live-build ycraHaB/iMBaeT Bee naiceTbi, 
nepeHMc/ieHHbie b c^ai/max package-lists/*.list.chroot. KoHc^MrypaumR 
no yMonnaHHK), KOTopyK) Mbi npeAOcraB.rmeM, BK/nonaeT b ce6a cjoa m/i 
package-lists/kali.list.chroot, b kotopom nepeni/icrmeTCfl kali-linux-full 
(ochobhom MeTa-naxeT, KOTopbiPi cmrMBaeT Bee naiceTbi Kali A-rm 
BK/iK)HeHi/m). Bbi MO>KeTe 3aKOMMeHTnpoBaTb 3 tot naiceT m noMecn/iTb 
ApyroPi MeTa-naxeT no BameMy Bbi6opy m/im BicmoHMTb TOHHbiM Ha6op 
Apyr mx naxeTOB. Bbi Tai<>Ke MO>KeTe KOM6nHnpoBaTb 06a noAxoAa, 
HaHMHaa c MeTa-naxeTa m Ao6aB/iaa AononHMTenbHbie naiceTbi no 
BameMy Bbi6opy. 

C noMombK) package-lists, Bbi MOweTe TO/ibKO BK/nonaTb naiceTbi, 
KOTopbie flBrmiOTCfl y>Ke AOCTynHbiMM Ha ocjDMUMa/ibHbix peno3MTopi/mx 
Kali. Ho ec/iM y Bac ecTb no/ib30BaTe/ibCKne naiceTbi, Bbi MO>KeTe 
BKJlKDHMTb MX B >KMBOM 06pa3, nOMeCTMB C^aM/lbl .deb B AHpeKTOpMK) 

package.chroot (HanpMMep, kali-config/config-gnome/packages. 

Chroot, ec/iM Bbi co3AaeTe BapMaHTA-rm GNOME). 

MeTa-naxeTbi - bto nycTbie naiceTbi, eAUHCTBeHHaa qe/ib KOTopbix 
MMeTb MHoro 3aBMCMMOCTeM ot Apyrux naxeTOB. Ohm ynpomaiOT 
ycTaHOBKy Ha6opoB naiceTOB, KOTopbie Bbi nacTO xoTMTe ycTaHOBMTb 
BMecTe. HcxoAHbiM naxeT kali-meta co3AaeT Bee MeTanaiceTbi, 
npeAOCTaBnaeMbie Kali Linux: 

• kali-linux: 6a30Baa cMCTeMa (oh M3B/ieicaeTCfl BceMM apytmmm 
MeTa naxeTaMM) 

• kali-linux-full: MHCTan/iauM^ Kali Linux no yMO/inaHMK) 

• kali-linux-all: MeTa naiceT Bcex MeTa naiceTOB m Apyrnx naiceTOB 
(npaKTMnecKM Bee, hto npeAOcraB.rmeT Kali Tax hto MMeMTe 
BBMAy, HTO OH AeMCTBMTe/lbHO OrpOMeHl) 


42 http://debian-live.alioth.debian.org/live-manual/unstable/manual/html/live-manual.en.html 
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• kali-linux-sdr: MHCTpyMeHTbl Software Defined Radio (SDR) 

• kali-linux-gpu: 1/lHcrpyMeHTbi c rpac^MHecKMM npoueccopoM 
(MHCTpyMeHTbl, MCnO/lb3yK)IHMe BbNMC/lMTe/lbHyK) MOLUHOCTb, 
AOCTynHyK) Ha BauieM rpacjDMHecKOM KapTe) 

• kali-linux-wireless: 6ecnpoBOAHaa oqeHica m MHCTpyMeHTbl 
aHa/iM3bi 

• kali-linux-web: MHCTpyMeHTbl oueHKM Be6 npM/io>KeHMM 

• kali-linux-forensic: KpMMMHa/iMCTMHecKMe MHCTpyMeHTbl (noMCK 
AaHHbIX O TOM, HTO np0M30LU/10) 

• kali-linux-voip: MHCTpyMeHTbl Voice Over IP 

• kali-linux-pwtools: MHCTpyMeHTbl B3/iOMa naporm 

• kali-linux-toplO: AecaTb caMbix nony/iflpHbix MHCTpyMeHTOB 

• kali-linux-rfid: RFID MHCTpyMeHTbl 

Bbi MO>KeTe Mcno/ib30BaTb btm MeTa naxeTbi, KorAa Bbi co3AaeTe 
cnMcoic no/ib30BaTe/ibCKMx naiceTOB A-rm live-build. no/iHbiM cnncoK 
AOCTynHbix MeTa naiceTOB m MHCTpyMeHTOB, KOTopbie BK/iK)HeHbi b hmx, 
MO>KHO H3MTM, nepeMA^ no COOTBeTCTByiOLUSM CCblJIKe 

http://tools.kali. org/kali-metapackages 


Debconf npecnflMHr ycTaHOB/ieHHbix naxeTOB 

Bbi MO>KeTe npeAOCTaBMTb Debconf preseed cjoan/ibi (cmotpm pa3Aen 
4.3.2, "Co3AaHMe Preseed c^aM/ia" [cTp. 93] A-rm no/iyneHMA 
pastJRCHeHMM) b KanecTBe preseed/*.cfg c^aM/iOB. Ohm 6yAyT 
Mcnonb30BaHbi A-nfl HacTpoMKM naxeTOB ycTaHOB/ieHHbix b >kmbom 
(J jaM/lOBOM CMCTeMe. 


9.3.4 McnoAb30BaHne pa3AMHHbix xyKOB f\nn HacTpoMKM 
coA,ep>KMMoro o6pa3a 

live-build npeA-naraeT pa3/iMHHbie xyKM, KOTopbie MoryT 6biTb 
Bbino/iHeHbi Ha pa3/iMHHbix cTa amax npoqecca c6opkm. XyKM Chroot 
9\Br\9\\OTC9] Mcno/iHfieMbiMM cKpunTaMM, KOTopbie Bbi ycraHaB/iMBaeTe 
KaK cj^aunbi hooks/live/*.chroot b cBoeM AepeBe KOHcjDMrypauMM m 
B bino/iHjRK)TCJR BHyTpM chroot. Xotjr chroot - bto KOMaHAa, KOTopaa 
n03B0/lfieT BpeMeHHO M3MeHMTb KOpHeByK) AHpeKTOpMK) 
onepauMOHHOM cMCTeMbi Ha Bbi6paHHyio BaMM, OHa Tao<e 
Mcnonb3yeTc?i pacniMpeHMeM A-rm o6o3HaneHMfl KaTa/iora, b kotopom 
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pa3MemaeTca noriHoe (a/ibTepHaTMBHoe) AepeBO <£aMAOBOM cMCTeMbi. 
B 3tom c/iynae c live-build, KaTa/ior chroot aba^tcs KaTa/ioroM, b 
KOTOpOM TOTOBHTCJR >KMBafl CfjaMAOBafl CMCTeMa. IIOCKO/lbKy 
npnno>KeHMfi, 3anymeHHbie b chroot, He bmahh 3a npeAenaMM 3Toro 
KaTa/iora, TO>Ke caMoe npoMcxoAMT c xyicaMM chroot: Bbi MO>xeTe 
ncno/ib30BaTb m n3MeHsiTb Bee AOCTynHoe b stom cpeAe chroot. Mbi 
no/iaraeMCA Ha Te xyKM, KOTopbie ncno/ib3yK)TCfl aaa BbinoAHeHMA 
HecKO/ibKMx cneuna/ibHbix Hacrpoeic Kali (cm. kali-config/common/ 
hooks/live/kali-hacks, chroot). 

BkiHapHbie xy km (hooks/live/*.binary) BbinoAHAKrrcfl b KOHTeKCTe 
npoqecca c6opkm (ohm He MoryT 6biTb Bbi3BaHbi c noMombK) chroot), 
a MMeHHO Ha CTaAnn ero 3aBepi±ieHMA. Bbi MO>KeTe MOAncfJMUMpoBaTb 
coAep>KMMoe c6opkm ISO o6pa3a, ho He caMy >KMByK) c^aPi/iOByK) 
CMCTeMy, t.k. Ha stom 3Tane OHa 6bma y>Ke creHepMpoBaHa. Mbi 
Mcno/ib3yeM 3Ty oco6eHHOCTb b Kali aaa npoBeAeHMA HeKOTopbix 
M3MeHeHMM b KOHcfjMrypauMM no yMonnaHMK) isolinux, KOTopaa 6bma 
creHepMpoBaHa live-build. HanpMMep, 03HaK0MbTecb c kali- 
config/common/hooks/live/persistence.binary, rAe Mbi Ao6aB.rmeM 
nyHKTbi 3arpy30HHoro MeHK), npeAHa3HaneHHbie aaa BKAioneHMA 
nOCTO^HHOrO XpaHMAMLLja AaHHbIX. 


9 . 3.5 AoSaBAeHMe <t>aMAOB b o 6 pa 3 ISO mam b 4 >aMAOByK) 

CMCTeMy 

Eme oahmm oneHb pacnpocTpaHeHHbiM cnoco6oM HacrpoMKM abaactca 
A o6aBAeHMe <£aMAOB b >KMByK) cj^aMAOByK) CMCTeMy mam b o6pa3 ISO. 

Bbi MO>KeTe Ao6aBAATb cJoaM/ibi b >KMByK) c^aMAOByio CMCTeMy, noMemaa 
mx b o>KMAaeMoe MecTonoAO>KeHMe b AMpeKTopMK) includes.chroot 
config. HanpMMep, ecTb cj^aMA kali-config/common/ 
includes.chroot/usr/lib/live/config/0031-root-password, KOTopbiM 
OKa3biBaeTCA no aApecy /usr/lib/ live/config/0031- root-password b 
>KMBOM Cj^aMAOBOM CMCTeMe. 


Live-Boot xyxn 

CKpMnTbi, ycTaHOBAeHHbie KaK /lib/live/config/XXXX-na/ne 
BbinoAHAKDTCA cueHapMeM init naiceTa live-boot. Ohm 
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peK 0 Hcj 3 MrypnpyK)T MHorne acneKTbi cncreMbi, noAxoAfliAMe A-rm 
>KMBOM CMCTeMbi. Bbl MO>KeTe A06aBMTb BaLUM C06CTBeHHbie CKpMIITbl 
A.rm HacrpoMKM BauiePi >kmbom CMCTeMbi bo BpeMfl ee pa60Tbi: B 
nacTHOCTM, ohm Mcno/ib 3 yK)TCfl, HanpMMep, Ann pea/iM 3 auMM 
no/ib 30 BaTe/ibCKMx napaMeTpoB 3 arpy 3 KM. 


Bbi MO>KeTe Ao6aBMTb cjoaM/ibi b ISO o6pa3 nyTeM pa3MemeHMfl mx b 
o>KMAaeMOM MecTe KOHcf)MrypaMMOHHOM AnpeKTopMM includes.binary. 
HanpMMep, ecTb cj^aPm kali-config/common/includes.binary/ 
isolinux/splash.png KOTopbiM nepeonpeAermeT c^OHOBoe 
M3o6pa>KeHMe, Mcno/ib3yeMoe 3arpy3HMKOM Isolinux (KOTopbiM 
xpaHMTCJR b /isolinux/splash.png b cj^aPmoBoPi cMCTeMe o6pa3a ISO). 


9.4 Ao6aB/iehme nocroAHHoro xpaHM/mma AaHHbix b 
>kmbom o6pa3 ISO c noMOLUbK) USB HaKonme/iB 
(Heo6xoflMMa npaBKa o6mero coAepxom/m) 

9.4.1 OcobeHHOCTM nOCTOAHHOTO XpaHMAMUJ,a MHC|)OpMaLl 1 MM: 
PastfiCHeHMe ocHOBHbix MO/vieHTOB (HeobxoAMMa npaBKa o6uj,ero 
C0Aep>KaHM«) 

fla/iee, Mbi o6cyAMM niarM, KOTopbie Heo6xoAMMO npoAe/iaTb Ann 
Ao6aBneHM?i nocTOBHHoro xpaHM/iMLua MH(f)opMai 4 MM b Kali USB 
HaKonMTe/ib. Ben cyTb >kmbom CMCTeMbi 3aK/iiOHaeTCfl b ee 
acjDeMepHOCTM. Bee AaHHbie, KOTopbie xpaHATCfl b >kmbom CMCTeMe m 
Bee M3MeHeHMa, npoM3BeAeHHbie b HePi, TepaioTCfl noc/ie 
nepe3arpy3KM. 

HTo6bi McnpaBMTb bto, Bbi MO>xeTe Mcno/ib30BaTb cfjyHKUMio live-boot, 
Ha3biBaeMyio nocTOAHHbiM xpaHM/iMmsM MHcjDopMauMM (persistence), 
KOTopaB aKTMBMpyeTCjq, KorAa b napaMeTpbi 3arpy3KM BK/noneHO 
K/noneBoe c/iobo persistence.llocKO/ibKy BHeceHMe M3MeHeHMM b 
3arpy30HHoe MeHio aB/iaeTca AOBO/ibHO HenpocToPi 3aAanePi, Kali 
BKniOHaeT b ce6a Aaa nyHKTa MeHio no yMO/inaHMio, KOTopbie 
no3BO/iBK)T BKniOHMTb nocTOAHHoe xpaHM/iMins ' Live USB Persistence 
m Live USB Encrypted Persistence, KaK noKa3aHO Ha PMcyHKe 9.1, 
"flyHKTbi Persistence b MeHio" [cTp. 240]. 
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PucyHOK 9.1 IlyHKTbi Persistence b MeHto 


Korfla AaHHoe cbomctbo 6yAeT aKTi/iBHO, live-boot npocKaHi/ipyeT Bee 
pa3Ae/ibi b noMCKax c^aPi/iOBbix ci/icreM, noMeneHHbix KaK persistence 
(hto MO>KeT 6biTb M3MeHeHO c noMombK) napaMeTpa 3arpy3Ki/i 
persistence-label=V'a/ue), m ycTaHOBmuK co3Aacr nocTOBHHoe 
xpaHi/mi/ime AnpeKTopni/i, KOTopbie nepeni/icAeHbi b cj^aM/ie 
persistence.conf, pacno/io>KeHHOM b btom pa3Ae/ie (OAHa AnpeKTopi/m 
yKa3biBaeTca b oahom crpoHKe). Cneuna/ibHoe napaMeTp "/ union" 
no3BonnT no/iHoe coxpaHeHHe Bcex AnpeKTopi/m c noMombK) union 
mount > cneuMa/ibHbiM caom, KOTopbM xpam/iT /imub M3MeHeHHA, 
BHOCMMbie b AaHHbie 6a30B0ki ct>aMAOBOi/i cMCTeMbi. flaHHbie 
AMpeKTopm/i c nocroAHHbiM xpaHM^umeM AaHHbix xpai-mTca b 
c^akinoBOM ci/icreMe, KOTopaa coAepwuT cooTBeTCTByKDLUHM §av\r\ 
persistence.conf. 


9.4.2 Co3A,aHne He 3 aujnc|)poBaHHoro xpaHHAmii.a Ha USB 
HaKonmeAe 

B ashhom pa3AeAe, Mbi npeAnoAO>KMM, hto Bbi noAroTOBHAM Kali Live 
USB HaKoni/iTe/ib, cAeAyfl MHCTpyKMi/mM b pa3AeAe 2.1.4 . 
" KonnpoBaHne o6oa3a Ha DVD-ROM hah USB HaKonme/ib " [cTp. 19], 
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M HTO Bbl MCn0/lb30Ba/lM USB K/1KDH C flOCTaTOHHbIM KOJlHHeCTBOM 
naM^TH (xot n 6bi 3 GB) Ann xpaHeHMfl ISO o6pa3a n aam-ibix 
AnpeKTopm/i, KOTopbie nonaflyT b nocroflHHoe xpaHi/mmue. Mbi TaK>Ke 
npeflno/iaraeM, hto USB HaKonnTenb BOcnpi/mi/iMaeTCfl Linux KaK 
/dev/sdb 1/1 hto oh co,aep>KHT ABa pa3Ae/ia, KOTopbie AB/iaiOTCfl nacTbio 
ISO o6pa3a no yMO/inaHHK) (/dev/sdbl and /dev/sdb2). ByAbTe oneHb 
ocropo>KHbi, Bbino/iHflfl 3Ty npoueflypy. Bbi MO>KeTe c nerKOCTbK) 
yHHHTO>KHTb Ba>KHbie AaHHbie, ecrm cnyHaPiHO Bbino/iHMTe 
pa3Ae/ieHne Ha Haem He Toro AncKa. 

[\nn Ao6aB/ieHM^ hoboto pa3Ae/ia, Bbi AO/i>KHbi 3HaTb pa3Mep o6pa3a, 
KOTOpbIM Bbl CKOm/ipOBa/lH AH9\ TOrO HT06bl HOBbIM pa3Ae/l HaHHHa/lCfl 
Ha tom MecTe, rAe 3aKaHHMBaeTCfl >khboh o6pa3. fla/iee, ncno/ib3yi/iTe 
KOMaHAy parted Ann Toro, HTo6bi co3AaTb HOBbiki pa3Aen. KoMaHAbi, 
npMBeAeHHbie Hn>Ke, aHann3npyiOT ISO o6pa3 noA H33BaHneM kati- 
tinux-2016.l-amd64.iso, KOTopbiPi, KaK npeAno/iaraeTCA, TaK>Ke 
npMcyTCTByeT Ha USB HaKonnTe/ie: 


# parted /dev/sdb print 

Model: SanDisk Cruzer Edge (scsi) 

Disk /dev/sdb: 32,0GB 

Sector size (logical/physical): 512B/512B 
Partition Table: msdos 
Disk Flags: 

Number Start End Size Type File system Flags 

1 32,8kB 2852MB 2852MB primary boot, hidden 

2 2852MB 2945MB 93,4MB primary 

# start=$(du --block-size=lMB kali-linux-2016.l-amd64.iso | awk '{print $1}') 

# echo "Size of image is $start MB" 

Size of image is 2946 MB 

# parted -a optimal /dev/sdb mkpart primary "${start}MB" 100\ 

Information: You may need to update /etc/fstab. 

# parted /dev/sdb print 

Model: SanDisk Cruzer Edge (scsi) 

Disk /dev/sdb: 32,0GB 

Sector size (logical/physical): 512B/512B 
Partition Table: msdos 
Disk Flags: 


Number 

Start 

End 

Size 

Type 

File system Flags 

1 

32,8kB 

2852MB 

2852MB 

primary 

boot, hidden 

2 

2852MB 

2945MB 

93,4MB 

primary 


3 

2946MB 

32,0GB 

29,1GB 

primary 
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noc/ie Toro, KaK Bbi co3Aa/iM HOBbiM pa3Ae/i /dev/sdb3, 
OTcfjopMaTupyMTe ero b c^aM/iOBOM cMCTeMe ext4 m Ha3HanbTe eMy 
MeTKy «persistence» c noMombK) KOMaHAbi mkfs.ext4 (m ee onuMM -L 
A.rm Ha3HaHeHMfi MeTKM). 3aTeM pa3Ae/i MOHTMpyeTCA b /mnt 
AMpeKTopi/iK), m Bbi Ao6aB/iaeTe Heo6xoAHMbiM c^aPm KOH(J}Mrypai4MM 
persistence.conf. KaK o6bNHO, He ctomt 3a6biBaTb o tom, hto 
Heo6xOAHMO 6blTb OHeHb BHMMaTe/lbHblM BO BpeMfl Ct30pMaTMp0BaHMJR 
AMCKa, nocKO/ibKy Bbi MO>KeTe HaBcerAa noTep^Tb qeHHyK) 
MHcjDopMauMK), ec/iM Bbi OTcj^opMaTMpyeTe HeBepHbiPi ahck m/im pa3Ae/i. 


# mkfs.ext4 -L persistence /dev/sdb3 

mke2fs 1.43-WIP (15-Mar-2016) 

Creating filesystem with 7096832 4k blocks and 1777664 inodes 
Filesystem UUID: dede20c4-5239-479a-bll5-96561ac857b6 
Superblock backups stored on blocks: 

32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632, 2654208, 
4096000 

Allocating group tables: done 
Writing inode tables: done 
Creating journal (32768 blocks): done 

Writing superblocks and filesystem accounting information: done 

# mount /dev/sdb3 /mnt 

# echo "/ union" >/mnt/persistence.conf 

# Is -l /mnt 

total 20 

drwx.2 root root 16384 May 10 13:31 lost+found 

-rw-r--r-- 1 root root 8 May 10 13:34 persistence.conf 

# umount /mnt 


USB HaKonMTe/ib Tenepb totob m Bbi MO>KeTe 3arpy>xaTbCfl c Hee c 
ncnonb30BaHneM nyHKTa MeHio 3arpy3KM "Live USB Persistence". 


9.4.3 Co3AaHne 3amnc|)poBaHHoro xpaHMAmjj,a Ha USB 
HaKonmeAe (HeoSxoAMMbi npaBKM Ha3BaHi/m b oSine/vi 

coAepwaHMM) 

live-boot Taxxce MOxceT o6pa6aTbiBaTb nocroflHHbie xpaHM/iMLua 
CjDaMAOBbIX CMCTeM Ha 3aLLJMCj3pOBaHHblX pa3Ae/iaX. TaKMM 06pa30M, Bbi 
MOxceTe 3amnTMTb AaHHbie nyTeM co3AaHMA 3ai±ii/icj3poBaHHoro 
pa3Ae/ia LUKS, b kotopom ohm m 6yAyT HaxoAHTbCA. 
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Hana/ibHbie warn OAi/maKOBbi BrmoTb ao co3AaHi/m pa3Ae/ia, ho 
BMecTO cjDopMaTHpoBaHM^ ero b cj^aPinoBOH cMCTeMOM ext4 
ncno/ib3yPiTe cryptsetup A-ns MHm4na/iM3aunn ero KaK KOHTePmepa 
LUKS. 3aTeM OTKpoMTe btot KOHTePmep h Hacrpoi/iTe c|)ai/i.noByK) 
CMCTeMy ext4 TaK we, KaK m npH co3AaHnn HeniMc^poBaHHoro 
xpaHH/iHma, ho BMecTO ncno/ib30BaHMjq pa3Ae/ia /dev/sdb3 
ncno/ib3yPiTe BHpTyanbHbiPi pa3Ae/i, co3AaHHbiPi cryptsetup. 3tot 
BHpTyanbHbiPi pa3Aen npeACTaB/iaeT ASLuncf)poBaHHoe coAepwi/iMoe 
3aniMct3poBaHHoro pa3Ae/ia, KOTopbiPi AOCTyneH b /dev/mapper noA 
HMeHeM, KOTopoe Bbi eMy Ha3HaHi/mn paHee. B npi/iBeASHHOM Hn>Ke 
npMMepe Mbi 6yAeM ncno/ib30BaTb hm n kali_persistence. OnflTb we, 
y6eAHTecb, hto Bbi ncno/ib3yeTe npaBmibHbm ahck h pa3Ae/i. 


# cryptsetup --verbose --verify-passphrase luksFormat /dev/sdb3 

WARNING! 


This will overwrite data on /dev/sdb3 irrevocably. 

Are you sure? (Type uppercase yes): YES 

Enter passphrase: 

Verify passphrase: 

Command successful. 

# cryptsetup luksOpen /dev/sdb3 kalipersistence 

Enter passphrase for /dev/sdb3: 

# mkfs.ext4 -L persistence /dev/mapper/kali_persistence 

mke2fs 1.43-WIP (15-Mar-2016) 

Creating filesystem with 7096320 4k blocks and 1774192 inodes 
Filesystem UUID: 287892cl-00bb-43cb-b513-81cc9e6fa72b 
Superblock backups stored on blocks: 

32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632, 2654208, 
4096000 

Allocating group tables: done 
Writing inode tables: done 
Creating journal (32768 blocks): done 

Writing superblocks and filesystem accounting information: done 

# mount /dev/mapper/kali_persistence /mnt 

# echo "/ union" >/mnt/persistence.conf 

# umount /mnt 

# cryptsetup luksClose /dev/mapper/kali_persistence 
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9.4.4 Mcno/ib30BaHi/m HecKO/ibKi/ix nocroflHHbix xpaHM/iMLU, 
MHC|)OpMaLl 1 MM 

Ec/im Bbi ncnonb3yeTe Bamy >KMByK) Kali ci/icreMy b pa3/iMHHbix 
ci/iTyauMflx, Bbi MO>KeTe ncno/ib30BaTb HecKO/ibKO c^aPi/iOBbix cMcreM c 
pa3/iMHHbiMn OTMeTKaMM m yKa3biBaTb b KOMaHAHOM cTpoxe 3arpy3KM, 
icaica n c^aM/iOBafi ci/icreMa AO/i>KHbi 6biTb ncno/ib30BaHa b KOHKpeTHOM 
ceaHce pa6oTbi: bto Ae/iaeTca c noMombK) napaMeTpa 3arpy3KM 
persistence-label = label. 

flaBaPiTe npeAno/io>Ki/iM, hto Bbi npocjDeccMOHa/ibHbiM TecmpoBmmc Ha 
npoHMKHOBeHMe. KorAa Bbi pa6oTaeTe c K/ii/ieHTOM, Bbi ncno/ib3yeTe 
nocTOAHHoe xpaHi/mmue Ha 3ai±ii/ic|}poBaHHOM pa3Ae/ie A-rm toto, 
HTo6bi 3amnTHTb KOHc^MAeHUMa/ibHOCTb BaniHx AaHHbix, b c/iynae 
ec/iM Bam USB HaKoni/iTe/ib 6yAeT yicpaAeH m/im B3/iOMaH. B to we 
caMoe BpeMa, bo3mo>kho, Bbi 3axoTMTe npoAeMOHcrpi/ipoBaTb Kali 1/1 
KaKne-^n6o pex/iaMHbie MaTepi/ia/ibi, KOTopbie xpaHATca Ha 
He3aLun4)poBaHHOM pa3Aene Toro we caMoro USB HaKom/iTerm. 
nocKO/ibicy Bbi He 3axoTMTe BpyHHyio peAaKTi/ipoBaTb napaMeTpbi 
3arpy3KM KawAbiPi pa3, BaM, cxopee Bcero, 3axoneTCfl co3AaTb cbom 
co6cTBeHHbm wi/ibom o6pa3 co cneuMa/ibHbiMi/i nyHKTaMM 
3arpy30HHoro MeHio. 

llepBbiM mar 3aK/iK)HaeTCfl b tom, HTo6bi co3AaTb no/ib30BaTe.nbCKm/i 
live ISO (cMOTpHTe cooTBeTCTBy kdluhm pa3Ae/i 9.3, "Co3AaHi/ie wi/iBoro 
no/ib30BaTe/ibCKoro Kali ISO o6pa3a" [cTp. 236] a Taicwe pa3Ae/i 
9.3.4, "Mcno/ib30BaHne pa3/iMHHbix xyKOB Ann Hacrpoi/iKi/i 
coAepwi/iMoro o6pa3a " [crp. 238]). 

CaMoe rnaBHoe, hto BaM Heo6xoAHMO CAe/iaTb - bto MOAn4>nunpoBaTb 
kali-config/common/hooks/tive/ persistence-menu.binary A-rm Toro, 
HTo6bi oho BbirrmAeno c/ieAyK)LunM o6pa30M (o6paTMTe BHi/iMaHi/ie Ha 
napaMeTpbi persistence-label): 


#!/bin/sh 

if [ ! -d isolinux ]; then 
cd binary 
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cat »isolinux/live.cfg «END 
label live-demo 

menu label ~Live USB with Demo Data 
linux /live/vmlinuz 
initrd /live/initrd.img 

append boot=live username=root hostname=kali persistence-label=demo persistence 
label live-work 

menu label ''Live USB with Work Data 
linux /live/vmlinuz 
initrd /live/initrd.img 

append boot=live username=root hostname=kali persistence-label=work persistence- 
*+■ encryption=luks persistence 


3aTeM Mbi co3flaeM Ham no/ib30BaTe/ibCKnPi ISO h cKoni/ipyeM ero Ha 
USB-HaKonMTenb. 3aTeM Mbi co3flaeM m nHnunanM3npyeM ABa 
pa3fle/ia h c^aPmoBbie cncTeMbi, KOTopbie 6yflyT ncno/ib30BaTbCfl Ann 
opraHH3aunn nocToaHHoro xpaHH/imua flaHHbix. nepBbiPi pa3flen 
ABJiaeTCfl He3amncf)poBaHHbiM (m noMeneH KaK «demo»), a BTopoPi 
6yfleT 3amnct)poBaHHbiM (m noMeneH KaK "work"). npeAno/iaraa, hto 
/dev/sdb bto m ecTb Ham USB-k/ikdh, a pa3Mep Hamero 
nonb30BaTe/ibCKoro ISO-o6pa3a - 3000 MB, oh 6yAeT BbimnaeTb TaK: 


# parted /dev/sdb mkpart primary 3606 MB 55% 

# parted /dev/sdb mkpart primary 55% 166% 

# mkfs.ext4 -L demo /dev/sdb3 

[...] 

# mount /dev/sdb3 /mnt 

# echo "/ union" >/mnt/persistence.conf 

# umount /mnt 

# cryptsetup --verbose --verify-passphrase luksFormat /dev/sdb4 

[...] 

# cryptsetup luksOpen /dev/sdb4 kali persistence 

[...] 

# mkfs.ext4 -L work /dev/mapper/kali_persistence 

[...] 

# mount /dev/mapper/kali_persistence /mnt 

# echo "/ union" >/mnt/persistence.conf 

# umount /mnt 

# cryptsetup luksClose /dev/mapper/kali_persistence 
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l/l Ha 3 tom Bee. Tenepb Bbi MO>KeTe 3arpy>KaTbCfl c USB HaKonHTe/ia i/i 
ncnonb30BaTb HOBbie nyHKTbi b 3arpy30HH0M MeHK), KaK BaM 6yAeT 
yA 06 H 0 . 


flo6aB/ieHne napo/in caMoyHMHTO>t<eHkm a/ia no/iyneHUfl 
flono/iHMTe/ibHOM 6e3onacHOCTM 

Kali MOAn<t>nunpoBan cryptsetup m pea/iM30Ba/i b HeM HOBoe 
cbomctbo: Bbi MO>KeTe ycTaHOBMTb napo/ib caMoyi-MUTOMeHMsi (nuke 
password), KOTopbiPi b c/iynae Mcno/ib30BaHMfl yHMHTO>KaeT Bee 
K/iKDHM, KOTopbie ncnonb3yK)TCfi A-n^ ynpaB/ieHi/m 3ai±ii/ic|DpoBaHHbiM 
pa3Ae/iOM. 

3to oneHb no/ie3HO b Tex c/iynaax, ec/in Bbi MHoro nyTeuiecTByeTe, m 
B aM Hy>xeH 6bicTpbiPi cnoco6 o6ecneHMTb HeB03M0>KH0CTb AOCTyna k 
B aniMM AaHHbiM. Bo BpeMfl 3arpy3KM, npocTO BBeAHTe napo/ib 
caMoyHMHTO>KeHM5q BMecTO pea/ibHoro, m noc/ie 3Toro hi/ikto 6o/ibiiie 
(Aa>Ke Bbi) He cMO>KeT nonyHi/iTb AOCTyn k BaniMM AaHHbiM. 

llepeA ncno/ib30BaHneM btom oco6eHHOCTi/i, AOBO/ibHO yMHbiM maroM 
6yAeT cAe/iaTb pe3epBHyio Konmo Baninx K/uonePi LUMcjDpoBaHMfl i/i 
xpaHMTb ee b h3ag>khom MecTe. 

C/ieAy^ npMMepy, npi/iBeAeHHOMy b btom ceicuMM, Bbi MO>xeTe 
Ao6aBHTb napo/ib caMoyHHHTO>KeHmi c noMombio btom KOMaHAbi: 


# cryptsetup luksAddNuke /dev/sdb4 

Enter any existing passphrase: 
Enter new passphrase for key slot: 
Verify passphrase: 


BO/lbllie MHCjDOpMaMMH 06 3T0M 0C06eHH0CTM Bbi CMO>KeTe HaPlTM, B 
yKa33HHOM HH>Ke pyKOBOACTBe: 

https://www.kali.org/tutorials/nuke- kali-linux-luks/ 


9.5 noABefleM morn 
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B 3tom maBe Mbi y3Ha/iM 6o/ibiiie o tom, KaK MOAnc|3Mi4MpoBaTb 
McxoflHbie naKeTbi Kali, KOTopbie flBrmiOTCfl ocHOBHbiMM 
CTpoMTe/ibHbiMM 6/iOKaMn Bcex npnno>KeHMM, nocTaB/iaeMbix b Kali. 
Mbl T3 K>Ke paStflCHM/lM, K3KMM 06pa30M HaCTpOMTb M yCTaHOBMTb aflpo 
Kali. 3aTeM Mbi paccMOTperm cpeAy live-build m o6cyAM/iu, KaK 
co3AaTb no/ib30BaTenbCKMM o6pa3 ISO Kali Linux. Mbi Tao<e 
npoAeMOHCTpnpoBa/iu, KaK co3AaBaTb KaK 3ai±mc|3poBaHHbie, TaK m 
He3aLUM(|)poBaHHbie ycraHOBKM USB Kali. 


9.5.1 OcHOBHbie peKOMeHA.au.MM no MOAH(|)MKaLi 1 MM naKeTOB Kali 

M3MeHeHne Kali naKeTOB o6bNHO nBnnejcn 3aAaHeM A-rm coTpyAHMKOB 
Kali h pa3pa6oTHMKOB, ho y Bac MoryT B03HMKHyTb HeKkie oco6bie 
Hy>KAbi, KOTopbie He 6bmn yAOB/ieTBopeHbi oc^MUMa/ibHbiMM naKeTaMM, 
m 3HaHne Toro, KaK co3AaBaTb MOAn<t>MUMpoBaHHbiM naKeT, MO>KeT 
6biTb oneHb ueHHbiM, oco6eHHO, ec/iM Bbi xoTMTe noAe/iMTbCfl cbommm 
H 3MeHeHHJRMH, MCn0/lb30BaTb MX BOBHe MJ1M >Ke npOCTO OTKaTMTb Bee 

M3MeHeHMfi k mx npeAbiAymeMy coctoahmio. 

KorAa BaM Hy>KHO MOAn<t>MUMpoBaTb KaKyK)-nM6o nacTb nporpaMMHoro 
o6ecneneHMfl, MO>KeT B03HMKHyTb co6/ia3H 3arpy3MTb mctohhmk, 
BHeCTM M3MeHeHM51 M MCn0/lb30BaTb MOAH<t>MMMpOBaHHOe 
nporpaMMHoe o6ecneneHMe. OAHaKO, ec/iM BameMy npM/io>KeHMK) 
Tpe6yeTCjR o6mecMCTeMHaa HacrpoMKa (HanpMMep, c noMombio mara 
make install), to oho 6yAeT TO/ibKO 3arpfj3HfjTb Bamy c^aM/iOByK) 
CMCTeMy cj^aM/iaMM, HeM3BecTHbiMM dpkg, m BCKope co3AacT 
MHO>KecTBO npo6neMbi, KOTopbie He MoryT 6biTb penieHbi 
33BMCMMOCTflMM naKeTOB. KpOMe TOTO, 3T0T TMn MOAH<t>MKai4MM 
nporpaMMHoro o6ecneneHMfl ABrmeTCfl 6o/iee yTOMMTe/ibHbiM. 

npM co3AaHMM MOAucf)Mi4MpoBaHHoro naKeTa o6luhm npoqecc BcerAa 

OAHH M TOT >Ke: B03bMMTe MCXOAHbIM naKeT, M3BJieKMTe ero, BHeCMTe 
M3MeHeHMjR m 33TeM co3AaMTe naKeT. Arm Ka>KAoro mara Macro 
MCnO/lb3yK)TCf1 HeCKOnbKO MHCTpyMeHTOB, KOTopbie MoryT OTAe/lbHO 
o6pa6aTbiBaTb Ka>KAyK) 3aAany. 

HTo6bi HanaTb nepecTpaMBaTb naKeT Kali, cHana/ia cKanaPiTe 
McxoAHbm naKeT, KOTopbiM coctomt M3 c^ai/ma *.dsc (Debian Source 
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Control) m Aono/iHMTe/ibHbix c^aPi/iOB, Ha KOTopbie ccbmaeTCfl btot 
cj^aPi/i ynpaB/ieHmr 

1/lcxoAHbie naKeTbi xpaHATca Ha 3epKa/iax, AOCTynHbix nepe3 HTTP. 
CaMbiPi 3cf>cf)eKTHBHbiM cnoco6 no/iyni/iTb i/ix - bto ncno/ib30BaTb 
KOMaHAy apt source source-package-name , KOTopas Tpe6yeT ot Bac 
Ao6aBHTb cTpoHKy deb-src b ct>aPm /etc/ apt/sources.tist m o6HOBHTb 
cJoaM/ibi HHAGKca c noMombK) apt update. 

flono/iHMTe/ibHO Bbi MO>KeTe ncnonb30BaTb dget ( 1/13 naKeTa devscripts 
package) Ann Toro, HTo6bi cKanaTb .dsc cj^aPm Hanp^Myio BMecTe c ero 
conpoBO>KAaK)mnMM c^aPmaMH. 

Ann cneuna/ibHbix Kali naKeTOB, nePi mctohhhk HaxoAHTca b 
peno3MTopnn Git Ha git.kali.org 43 , Bbi MO>KeTe no/iyni/iTb hctohhmkh c 
noMombK) git clone git://git.kali.org/ packages/ source-package (ec/ii/i 
Bbi Hkinero He bmahtc b BameM peno3MTopnn, nonbuaPiTecb 
nepeKniOHHTbca Ha BeTKy kali/ master c noMombK) git checkout 
kali/master). 

noc/ie cKaHMBaHi/m hctohhmkob, ycTaHOBHTe naKeTbi, nepeHi/icneHHbie 
B 3aBHCMM0CTflX c6opKH MCXOAHOTO naKeTa C nOMOLUbK) sudo apt build- 
dep ./. 3Ta KOMaHAa AO/i>KHa 6biTb 3anymeHa H3 hcxoahoPI 
AnpeKTopnn naKeTa. 

06 HOB/ieHMfl HcxoAHoro naKeTa coctoat m 3 K0M6nHaum/i c/ieAyK)Lunx 
maroB: 

• Tpe6yeMbiPi nepBbiPi mar - n3MeHHTb HOMep Bep cmh, HTo6bi 
OT/iMHMTb Bam naKeT ot opnrnHana c noMombK) dch —local 
version-identifier, i/mn MOAncNunpoBaTb Apyrkie AeTarm naKeTa 
c noMombK) dch. 

• ripMMeHeHMe naTna c noMombK) patch -pi < patch-file m/im 
M 0An4>MKauna quilt cepm/i naTHa. 

• ToHKaa HacTpoPiKa onqnPi c6opkh, o6bNHO BCTpenaiOTCfl b 
cj^aPme naKeTa debian/rules m/im b Apyr mx cj^aPmax AnpeKTopnn 
debian/. 


43 http://git.ka li.org 
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noc/ie MOflnc|3MKai4i/m mcxoahord naiceTa, Bbi MOweTe co3AaTb 
6MHapHbm naxeT c noMombK) KOMaHAbi dpkg-buildpackage -us -uc -b 

M3 MCXOAHOM AHpeKTOpMM, KOTopaa C03AaCT HenoAnMcaHHbiM 
6MHapHbiM naxeT. 3aTeM naxeT MO>KeT 6biTb ycTaHOB/ieH c noMombK) 
dpkg -i package-name_version_arch.deb. 


9.5.2 OcHOBHbie peKOMeHA.au.MM no peKOMnnAnu,MM fl/jpa Linux 

KaK npoABMHyTbiPi no.nb30BaTe.nb, Bbi MO>KeTe nepeKOMnM/iMpoBaTb 
9\f\ po Kali. Bbi MO>KeTe 3axoTeTb yMeHbiiiMTb cTaHAapTHoe aa po Kali, 
KOTopoe 3arpy>KeHO mhotmmm cj^yHKUMflMM m ApaMBepaMM, Ao6aBMTb 
HecTaHAapTHbie ApaMBepbi m/im 4)yHKi4MM m/im npMMeHMTb pa3/iMHHbie 
naTHM napa. OAHaKO o6paTMTe BHMMaHMe: HenpaBM/ibHO 

CKOHcjDMrypMpoBaHHoe flAPO MO>KeT AecTa6MnM3MpoBaTb Bamy 
CMCTeMy, M Bbi AO/l>KHbl 6blTb TOTOBbl K TOMy, HTO Kali He CMO>KeT 
o6ecnenMTb o6HOB/ieHMfl 6e3onacHOCTM A-rm Bamero 

no/ib30BaTe/ibCKoro AApa. 

fl/lJR 60/lbLUMHCTBa MOAHC|3MKaMMM flApa, BaM nOHaA06MTCJR yCT3H0BMTb 
HecKO/ibKO naxeTOB c noMombK) KOMaHAbi apt install build- essential 
Iibncurses5-dev fakeroot. 

KoMaHAa apt-cache search ~linux-source AO/i>KHa nepenMc/iMTb 
noc/ieAHK)K) BepcMK) ^Apa Kali, m apt install linux-source-version- 
number ycraHaB/iMBaeT c>KaTbiM apxMB mctohhmkob flApa b /usr/src. 

1/lcxoAHbie cj^aM/ibi AO/i>KHbi 6biTb M3B/ieHeHbi c noMombK) tar -xaf 
OT/iMHHbiM ot /usr/src (HanpMMep, - / kernel). 

KorAa npMLu/io BpeMA HacTpoMTb Bame aa po, BcerAa noMHMTe 06 btmx 
MOMeHTax: 

• Ec/im Bbi He aB/iaeTecb npoABMHyTbiM no/ib30BaTe/ieM, Bbi 
AO/i>KHbi cHana/ia 3ano/iHMTb c^aPm KOHc^MrypauMM aa pa. 
llpeAnOHTMTe/lbHblM Cn 0 C 060 M flB/lfleTCfl 3aMMCTBOBaHMe 
CTaHAapTHOM KOHcjDMrypauMM Kali nyTeM KonMpoBaHM?i/3arpy3KM 
config -version- string to ~/kernel/linux-sou rce-version- 

number/.config. A/ibTepHaTMBHO, Bbi MO>KeTe Mcno/ib30BaTb 
make architecture_defconfig A-rm no/iyneHMA noAxoA^meM 
KOHc(3MrypaMMM A-rm ashhom apxMTeKTypbi. 
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• CpeACTBO KOHcj}nrypnpoBaHMfl ^Apa menuconfig Ha TeiccTOBOM 
ocHOBe npoHMTaeT cjDaM/i .config m npeACTaBMT BaM Bee aneMeHTbi 
KOHCf)MrypaMMM B OrpOMHOM MeHK), KOTOpOe Bbl MO>KeTe 
nepeMemaTb. Bbi6op aneMeHTa noKa3biBaeT ero AOicyMeHTauMK), 
B03M0>KHbie 3HaneHi/m m no3BormeT bbcctm HOBoe 3HaneHne. 

KorAa Bbi 3anycKaeTe M3 mcxoahoto KaTa/iora napa KOMaHAy make 
clean, OHa yuanm paHee cKOMnnnnpoBaHHbie c^au/ibi, a make deb- 
pkg creHepkipyeT ao h9\t\a naKeTOB Debian. OaM/i Unux-image-version 
.deb coAep>KMT o6pa3 napa m cBA3aHHbie c hum MOAy-nn. 

HTo6bi Ha caMOM Ae/ie ncno/ib30BaTb c6opi<y nixpa, ycTaHOBHTe Bee 
Heo6xoAHMbie naiceTbi c noMombK) dpkg -i file.deb. Tpe6yeTca naiceT 
"linux- image"; BaM npMAeTca ycTaHOBHTb naiceT "linux-headers" ec/iM 
y Bac ecTb HeicoTopbie BHeuiHMe MOAy/in flApa A-rm c6opkm, hto 
o6bNHO Heo6xoAHMO, ec/iM y Bac ycTaHOB/ieHbi naiceTbi "*-dkms" 
(checkwith dpkg -I "*-dkms" | grep ~ii). OcTa/ibHbie naiceTbi BaM, icaic 
npaBM/io, He noHaAo6?iTCfl (noica Bbi HaBepHflica He 6yAeTe yBepeHbi 
B TOM, HTO OHM BaM AOMCTBMTe/lbHO Hy>KHbl!). 


9.5.3 OcHOBHbie peKOMeHA.au.MM no C03A,aHMK) 
noAb30BaTeAbCKoro mcmboto ISO o6pa3a Kali 

Ocj^MUMa/ibHbiM ISO o6pa3 Kali co3AaeTca c noMombK) live-build 11 , 

KOTOpbIM 9\Br\9\eTC9\ Ha6opOM CKpunTOB, n03B0/lflK)LUMX nO/lHOCTbK) 
aBTOMaTM3MpoBaTb m HacTpaMBaTb Bee acneKTbi co3AaHMjR o6pa3a 
ISO. 

Bama cMCTeMa Kali AO/i>KHa 6 biTb no/iHOCTbio o 6 HOB/ieHa, nepeA TeM 
Kax Mcno/ib 30 BaTb live-build. 

KoHc|3MrypaMMfl Kali live-build MO>KeT 6biTb no/iyneHa M3 Kali Git 
peno3MTopMeB c noMombK) AByx KOMaHA: apt install curl git live-build 
a 3aTeM git clone git://git.kali.org/ live-build-config.git 

Ana co3AaHMa o6HOB/ieHHoro, ho He MOAnc^MUMpoBaHHoro ISO 
o6pa3a Kali, npocTO 3anycTMTe ./build.sh —verbose, npoqecc 
C03AaHMJR 33MMeT AOBO/lbHO MHOrO BpeMeHM, nOKa OH 6yAeT 
CKaHMBaTb Bee naiceTbi. flo 3aBepnieHMK), Bbi HaMAeTe HOBbiPi ISO 
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o6pa3 b flnpeKTopnn, rfle xpaHATca o6pa3bi. Ec/im Bbi Ao6aBMTe — 
variant variant b KOMaHAHyio crpoKy, to 6yAeT co3AaH AaHHbiM 
BapMaHT o6pa3a Kali ISO. Pa3/inHHbie BapnaHTbi onpeAe/iaiOTCfl hx 
KOHcj^nrypauMOHHbiMM KaTa/ioraMM kali-config/variant-*. OcHOBHbiM 
o6pa30M AB/iaeTCfl BapnaHT gnome. 

CymecTByeT HecKO/ibKO cnoco6oB HacTponTb Bam ISO o6pa3 c 
noMombK) MOAnc|3HKauMn KOHcj^MrypauMM AnpeKTopnn live-build: 

• llaKeTbi MoryT 6biTb Ao6aB/ieHbi k >KHBOMy ISO (m/im yAa/ieHbi) 
nyTeM MOAnct>Mi 4 MpoBaHMfl c^afi/iOB package-lists/*, list.chroot 

• no/ib30BaTe/ibCKne naiceTbi MoryT 6biTb Ao6aB/ieHbi b >kmbom 
o6pa3 nyTeM noMemeHMA ctoaM/iOB .deb b AnpeKTopnK) 
packages.chroot 

• Bbi MO>KeTe Ao6aB/iJiTb c^aM/ibi b mx c^aM/iOByK) cMcreMy nyTeM 
noMemeHMjq mx b ziorMnecKM o>KMAaeMoe MecTO b 
KOHcf)Mrypai 4 MOHHyK) AnpeKTopMK) includes.chroot 

• Bbi MO>KeTe BbinonHjqTb cKpMnTbi bo BpeMA chroot ycTaHOBOHHoro 
npouecca >kmbom cMcreMbi nyTeM mx ycTaHOBKM b icanecTBe 
cjDaM/iOB hooks/live/*.chroot. Bbi TaK>Ke MO>KeTe Bbino/iHATb 
CKpMnTbi bo BpeMfl 3arpy3KM creHepMpoBaHHoro jkmboto 
M3o6pa>KeHM}q: Bbi AO/i>KHbi o6ecnenMTb mx ycTaHOBKy b 
usr/lib/live/config/XXXX-name, HanpMMep, onMpaacb Ha KaTanor 
KOHcf)MrypauMM include.chroot. 

• PyKOBOACTBO Debian Live Systems Manual 12 AB/iaeTCfl 
3aMeHaTe/ibHOM ccbmKOM A-rm nonyneHM^ Aono/iHMTenbHOM 
MHcfjopMauMM o TecTMpoBaHMM m HacTpoPiKe live-build. 

YcTaHOBKa 3ai±iMc|)poBaHHoro m He3amMcf)poBaHHoro nocroAHHoro 
xpaHM/iMma MHcf)opMaMMM Ha USB HaKonMTe/ib: BcerAa oneHb npocTO 
co3AaTb Kali Live USB ycTpoPicTBO. Xota npouecc MO>KeT Ka3aTbca 
CMHT3 KCMHeCKM C/10>KHblM, AOBO/lbHO npOCTO A 06 aBMTb KaK 
3amMcf)poBaHHyK), TaK m He3ai±iMc|)poBaHHoe nocroAHHoe xpaHM/iMLue 
k BameMy nepeHOCHOMy ycrpoi/icTBy, HTo6bi 3HaHMTe/ibHO pacmMpMTb 
ero cjDyHKUMOHa/ibHOCTb. 

B c/ieAyKDmeM maBe, Mbi o6cyAMM pa3/iMHHbie MacmTa6bi npMMeHeHMfl 
Kali Ha npeAnpMATMflx. Mbi o6cyAMM ynpaB/ieHMe KOHc^MrypaMMePi m 
noKa>KeM BaM, KaK pacmMpMTb m HacTpoMTb Kali Linux t3kmm o6pa30M, 
HTo6bi ero 6bmo zierKO ycraHOBMTb, KaK Ha napy ManiMH, TaK m Ha 
HeCKOnbKO TbICflH. 
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HacTb 10: Kali Linux b a^mctbmm 

Coflep>KaHMe: 

10.1 YcTaHOBKa Kali Linux no ceTM (PXE Boot) 

10.2 Mcno/ib30BaHne ynpaB/iei-mfl KOHc^nrypauHePi 

10.3 Mcno/ib30BaHne i/i HacrpoMKa Kali Linux 

10.4 noflBeAeM MTorn 

K/ifoneBbie c/iOBa maBbi: 

• PXE installation YnpaB/ieHMe KOH^urypaMi/iei/i 

• Saltstack 

• Pa3BeTBneHne naiceTOB Kali 

• naKeTbi KOHc^MrypauMM 

• Peno3MTopnPi naKeTOB 
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flo c mx nop Mbi BMAe/iM, hto Kali AB/iaeTCfl Hpe3BbinaMHO HaAe>xHOM m 
6e3onacHOM onepauMOHHOM cMcreMOM Ha ocHOBe Debian, 
o6ecneHMBaK>meM cepbe3HbiM ypoBeHb 6e3onacHOCTM m LUMcj^poBaHMfl, 
pacLUMpeHHoe ynpaB/ieHi/ie naxeTaMM, My/ibTMn/iaTc^opMeHHbie 
B03M0>XH0CTM M (HTO Han60/iee M3BeCTHO) apceHa/1 MHCTpyMeHTOB 
Mi/ipoBoro x/iacca A-rm npocjDeccMOHa/iOB b ccj^epe 6e3onacHOCTM. lloKa 
hto A-n^ Hac He coBceM nBnnejcn oneBMAHbiM tot cj^axT, b xaxMx 
HMeHHO MaciiiTa6ax MO>xeT npMMeHflTbca Kali. B btom pa3Ae/ie Mbi 
noKa>KeM BaM, xaxMM o6pa30M mo>kho Mcno/ib30BaTb Kali A-rm 
o6ecneHeHH5R MeHTpa/iM30BaHHoro ynpaB/ieHMA b Maci±iTa6ax 
npeAnpMfiTMfi m npeAOCTaB/ieHMfl xoHTporm HaA MHO>KecTBOM 
ycTpoPicTB, pa6oTaK)mnx c onepaMMOHHOM CMcreMOM Kali Linux. 
BxpaTue, noc/ie npoHTeHMA btom rnaBbi Bbi cMO>xeTe 6bicTpo 
pa3BepTbiBaTb BbicoK03amnmeHHbie cMcreMbi Kali, npeABapMTe/ibHO 
CKOHcj^MrypMpoBaHHbie A-rm Bam mx KOHKpeTHbix noTpe6HOCTeM, m 
CMHxpoHM3npoBaTb mx 6/iaroAapa Kali ycTaHOBKe 
(nonyaBTOMaTMnecKOM) o6hob/i6hmm naxeTOB. 

3tot ypoBeHb MacmTa6a Tpe6yeT Hecxo/ibXMx maroB, Bx/nonafl 
MHMUMMpoBaHMe 3arpy3KM ceTM PXE, Mcnonb30BaHMe cneuMa/ibHoro 
MHCTpyMeHTa ynpaB/ieHMA KOHc^MrypauMeM (SaltStack), B03M0>KH0CTb 
pa3BeTB/ieHMfl m HacrpoMXM naxeTOB m pa3BepTbiBaHMe mx 
peno3MTopM5R. Mbi 3aTpoHeM Ka>KAbiM M3 3tmx BonpocoB 6o/iee 
AeTa/ibHO, noxa>xeM BaM, xaxMM o6pa30M c nerxocTbio cnpaBMTbca c 
Ka>xymMMMCJR Ha nepBbiM B3rrmA TpyAHbiMM MOMeHTaMM, a Taioxe xax 
pa3BepTbiBaTb, ynpaBrmTb m noAAep>xMBaTb MHO>KecTBO 
no/ib30BaTe/ibCKMx ycrpoi/icTB Kali Linux c OTHOCMTe/ibHOM jierxocTbio. 


10.1 YcTaHOBKa Kali Linux no cem (PXE Boot) 

Kax Mbi BMAe/iM b npeAbiAymux maBax, 6a30BbiM npouecc ycTaHOBXM 
Kali Linux AOCTaTOHHO npocT, ec/iM Bbi 3HaeTe, hto mmchho Bbi xoTMTe, 
m hto BaM Hy>xHO A-rm 3Toro Ae/iaTb. Ho ec/iM BaM Hy>xHO ycTaHOBMTb 
Kali Ha Hecxo/ibXMx MamMHax, craHAapTHaa ycTaHOBxa MO>xeT 6biTb 
AOBO/lbHO yTOMMTe/lbHOM. K CHaCTbK), Bbi MO>XeTe 3anyCTMTb 
npoueAypy ycTaHOBXM Kali, 3arpy3MB xoMnbiOTep nepe3 ceTb. 3to 
no3Bon?ieT BaM 6bicTpo m zierxo ycTaHaB/iMBaTb Kali Ha mhotmx 
MamMHax OAHOBpeMeHHO. 
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fl/ia Hanana, BaM hy>kho 6yAeT 3arpy3MTb Bam qe/ieBOM KOMnbKrrep 
M3 ceTM. 3T0My cnoco6cTByeT cpeAa Bbino/iHeHMA Preboot (Preboot 
execution Environment (PXE)), MHTepcj^eMC KrmeHTa/cepBepa, 
npeAHa3HaneHHbiM A-rm 3arpy3KM /iK)6oro ceTeBoro ycrpoMCTBa M3 
ceTM, Aa>xe ec/iM Ha HeM HeT ycTaHOB/ieHHOM onepaqMOHHOM cMCTeMbi. 
p,r\9\ HacTpoMKM ceTeBOM 3arpy3KM PXE Tpe6yeTca HacTpoMTb, no 
KpaMHePi Mepe, trivial file transfer protocol (TFTP) m cepBep 
DHCP/BOOTP. BaM Taioxe noHaAo6MTca Be6-cepBep, ec/iM Bbi xoTMTe 
pa3MecTMTb debconf preseeding dpawn, KOTopbiPi 6yAeT 
aBTOMaTMnecKM Mcno/ib30BaTbCfl b npoqecce ycTaHOBKM. 

K cnacTbK), dnsmasq o6pa6aTbiBaeT KaK DHCP , Tax m TFTP\ Tax 
HTo6bi Bbi mot/im no/io>KMTbC5q Ha OAHy c/iy>K6y A-rm HacTpoMKM Bcero, 
hto BaM Heo6xoAHMO. Be6 cepBep Apache ycraHOB/ieH (ho He 
aKTMBeH) no yMonnaHMK) Ha cMCTeMax Kali. 


OTfle/ibHbie DHCP m TFTP neMOHbi 

Ana 6o/iee c/io>KHbix ycraHOBOK, Ha6op cbomctb dnsmasq MOweT 6biTb 
c/imlukom orpaHMneHHbiM, m/im Bbi MOweTe BK/iKDHMTb 3arpy3Ky PXE B 
CBoePi ochobhom ceTM, KOTopajR y>xe 3anycKaeT DHCP-AeMOHa. 

B o6omx c/iynaax BaM npMAeTca HacTpoMTb OTAe/ibHbie DHCP m TFTP 

AGMOHbl. 

PyKOBOACTBO no ycTaHOBKe Debian 3aTparMBaeT ycTaHOBKy isc-dhcp- 
server m tftpd-hpa i\r\s\ PXE 3arpy3KM. 


Ana Toro HTo6bi HacTpoMTb dnsmasq, Bbi AO/i>KHbi cHana/ia HacTpoMTb 
ero Hepe3/etc/dnsmasq.conf. Ba30Bbie KOHcjDMrypauMM coctoat Bcero 
/IMLUb M3 HeCKO/lbKMX K/IKDHeBbIX CTpOK! 


330 



# Network interface to handle 
interface=eth0 

it DHCP options 

# IP range to allocate 

dhcp-range=192.168.101.100,192.168.101.200,12h 

# Gateway to announce to clients 

dhcp-option=option:router,192.168.101.1 

# DNS servers to announce to clients 

dhcp-option=option:dns-server,8.8.8.8,8.8.4.4 

# Boot file to announce to clients 
dhcp-boot=pxelinux.0 

# TFTP options 
enable-tftp 

# Directory hosting files to serve 
tftp-root=/tftpboot/ 


noc/ie HacTpoMKM/etc/dnsmasq.conf BaM noHaflo6MTCfl noMecri/iTb 
ycTaHOBOHHbie c|3aPi.nbi 3arpy3Kn b Ai/ipeKTopi/iK) /tftpboot/. l/lMei-mo 
A-rm 3 tom ue/iM Kali Linux npeflOCTaB/iaeT c^aPmoBbiPi apxHB, KOTopbiPi 
MO>KeT 6biTb HenocpeACTBeHHO pacnaKOBaH b AnpeicropnK) /tftpboot/. 
npocTO CAenaPiTe Bbi6op Me>KAy 32-bit (i386) m 64-bit (amd64), a 
Tai<>Ke Me>KAy CTa has Pth bi m hjii/i rpacJuMnecKi/iM (gtk) motoaom 
ycTaHOBKM A-n^ BauiePi qe/ieBoPi Mauii/mbi m Bbi6epnTe 
cooTBeTCTByK)LunPi apxi/iB: 

• http://http.kali.org/dists/kali-rollinq/nnain/installer- 
amd64/current/images/ netboot/gtk/netboot.tar.gz 

• http://http.kali.org/dists/kali-rollinq/main/installer- 
amd64/current/images/ netboot/netboot.tar.gz 

• http://http.kali.org/dists/kali-rollinq/main/installer- 
i386/current/images/ netboot/gtk/netboot.tar.gz 

• http://http.kali.org/dists/kali-rollinq/main/installer- 
i386/current/images/ netboot/netboot.tar.gz 

KaK TO/ibKO Bbi Bbi6pann apxnB, co3AaPiTe /tftpboot/, cKanaPiTe apxnB 
m pacnaicyPiTe ero b 3Ty AnpeKTopMK): 
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# mkdir /tftpboot 

# cd /tftpboot 

# wget http://http.kali.org/dists/kali-rolling/main/installer-amd64/current/images/ 

netboot/netboot.tar.gz 

# tar xf netboot.tar.gz 

# Is -l 

total 25896 

drwxrwxr-x 3 root root 4096 May 6 04:43 debian-installer 

Irwxrwxrwx 1 root root 47 May 6 04:43 ldlinux.c32 -> debian-installer/amd64/boot 

*+ -screens/ldlinux.c32 

-rw-r--r-- 1 root root 26507247 May 6 04:43 netboot.tar.gz 

Irwxrwxrwx 1 root root 33 May 6 04:43 pxelinux.0 -> debian-installer/amd64/ 

pxelinux.0 

Irwxrwxrwx 1 root root 35 May 6 04:43 pxelinux.cfg -> debian-installer/amd64/ 

pxelinux.cfg 

-rw-rw-r-- 1 root root 71 May 6 04:43 version.info 

B pacnaKOBaHHbie (£ai/i.nbi bxoaht 3arpy3HHK pxelinux , KOTopbiPi 
ncno/ib3yeT Te >Ke ct>ai/i.nbi KOHc|3i/irypaunn, hto h syslinux n isolinux.. 
B/iaroflapa 3T0My, Bbi cMO>KeTe HacTpanBaTb ct>ai/i.nbi 3arpy3Kn b 
debian- installer/amd64/ boot - screens/ KaK bto 6bmo 6bi, ec/ii/i 6bi 
Bbi co3flaBann no/ib30BaTe/ibCKi/ie >KHBbie ISO o6pa3bi Kali Linux. 

Hanpi/iMep, npeAno/io>KHM, hto Bbi Bbi6pa.ni/i TeiccTOBbiM pe>KHM 
ycTaHOBKH, Bbi MO>KeTe Ao6aBHTb napaMeTpbi 3arpy3Kn f\nn Toro, 
HTo6bi noAeeprHyTb npoueAype npecnAunra 3HaneHi/m fl3bii<a, 
CTpaHbi, pacKnaAKu K/iaBi/iaTypbi, nMem/i xocTa n nMem/i AOMeHa. Bbi 
TaK>xe MO>KeTe yi<a3aTb ycTaHOBiumcy Ha BHeniHioK) preseed URL h 
HaCTpOHTb /ll/IMHT BpeMeHH T3K1/IM 06pa30M, HTO 3arpy3Ka HaHHeTCJl 

aBTOMaTHnecKH, ec/in b TeneHHe 5 ceicyHA He 6yAeT HawaTa KaKa n- 
/ih6o K/iaBmua. Ann toto HTo6bi Bbino/iHHTb bto, BaM cHana/ia Hy>KHO 
MOAn^^UnpoBaTb ctoaM/i debian - installer/amd64/txt.cfg: 


label install 

menu label ^Install 

kernel debian-installer/amd64/linux 

append vga=788 initrd=debian-installer/amd64/initrd.gz --- quiet language=en 
country=US keymap=us hostname=kali domain= url=http://192.168.101.1/ 
*+ preseed.cfg 


3aTeM, Bbi MOAn4>ni4npyeTe c^an/i debian 
installer/amd64/syslinux.cfg Ann toto, HTo6bi HacrpoHTb jihmht 
BpeMeHH: 
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# D-I config version 2.0 

# search path for the c32 support libraries (libcom32, libutil etc.) 
path debian-installer/amd64/boot-screens/ 

include debian-installer/amd64/boot-screens/menu.cfg 
default debian-installer/amd64/boot-screens/vesamenu.c32 
prompt 0 
timeout 50 


Tenepb BOopywi/iBiui/icb B03M0>KH0CTbK) 3arpy3MTb /iK)6yK) Mawi/my 
nepe3 ceTb c noMombK) PXE, Bbi MO>KeTe ncno/ib30BaTb b cbomx 
MHTepecax Bee cBoPicTBa m cfjyHKMi/in, onncaHHbie b pa3Ae/ie 4.3, 
"ABTOMaTMHeCKMe YCTaHOBKl/T [CTp. 91], KOTOpbie n03B0/l?1T BaM 
npoBOAMTb normyK) 3arpy3Ky, npoqeAypy npecMAMHra m 
aBTOMaTHnecKyK) ycTaHOBKy Ha MHO>KecTBe KOMnbKrrepoB 6e3 
Ha/iMHM?) c|3M3MHecKoro 3arpy30HHoro Hoci/merm. Taioxe, He 
3a6biBaPiTe o rn6KOCTM napaMeTpa 3arpy3KM 

preseed/url=http://serv'er/preseed. Cfg (ho He ncno/ib30BaH url 
a/ibTepHaTHBHoro i/iMeHki), KOTopbiPi no3BO/ifleTCfl BaM ycraHOBi/iTb 
preseed c^aPm Ha ocHOBe ceTi/i. 


10.2 klcno/ib30Bahme ynpaB/iehme K0H(J)nrypai4MeM 

I/Im ea B03M0>KH0CTb AOBO/ibHO TaKM 6bicTpo ycraHaB/iMBaTb Kali Ha 
MHO>KeCTBO KOMnbKDTepOB, BaM B Aa/lbHeMI±ieM nOHaA 06 MTCf 1 nOMOLUb 
A.rm ynpaB/ieHi/m btmmm ManiMHaMH. Bbi MO>KeTe ncno/ib30BaTb 
MHCTpyMeHTbi ynpaB/ieHi/m K0Hct3nrypauneM A-rm Aa/ibHePiLuero 
ynpaB/ieHMjR bthmh ManiMHaMM. 

Kali Linux coAep>Ki/iT MHO>KecTBO nonyrmpHbix HHCTpyMeHTOB 
ynpaB/ieHi/m KOHc^i/irypaMi/iei/i, KOTOpbie Bbi MOweTe 3axoTeTb 
ncnonb30BaTb ansible, chef, puppet, saltstack, m t. a-)/ ho b 3tom 
pa3Ae/ie Mbi 3aTpoHeM nmub SaltStack. 
https://saltstack.com 


10.2.1 HacTpoMKa SaltStack 

Saltstack AB/ifleTca ueHTpa/iM30BaHH0M c/iy>K6oM ynpaB/ieHHa 
KOHc^MrypauMePi: salt master ynpaB/iaeT mhokcctbom salt minions. 
BaM c/ieAyeT ycraHOBHTb naKeT salt-master Ha cepBep, KOTopbm 
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flBJlfleTCfl AOCTM>KMMblM Rr\5\ BCeX XOCTOB, KOTOpbIMH Bbl XOTMTe 
ynpaB/ij^Tb m ycraHOBUTb salt-minion HenocpeACTBeHHO Ha Te xocTbi, 
KOTopbiMH Bbi xoTHTe ynpaBrmTb. KawAbiPi MMHbOH (minion) AO/i>KeH 
3HaTb, i~Ae oh MO>KeT homtm cBoero xo3fli/ma (master). Ann sroro 
npocTO OTpeAQ kth py MTe /etc/salt/minion m BbicTaBbTe master key f\nn 
HMeHM DNS (m/im IP aApeca) Salt master. 06paTHTe BHHMaHHe, hto 
S alt ncno/ib3yeT YAML b KanecTBe cj^opMaTa A-rm CBoero c^ai/ma 
KOHct)MrypauMH. 


minion# vim /etc/salt/minion 
minion# grep ''master /etc/salt/minion 
master: 192.168.122.105 


Ka>KAblM MMHbOH MMeeT yHMKa/lbHblM MASHTMCf)MKaTOp, XpaHJUUMMCJl B 
<t>aM/ie / etc / salt / minion_id, KOTopbiPi no yMO/inaHMK) cooTBeTCTByeT 
ero MMeHM XOCTa. 3T0T MA6HTMC}}MKaT0p MMHbOHa 6yAeT 
Mcnonb30BaTbca b npaBM/iax KOHcfjMrypauMM m oneHb b3>kho 
npaBM/ibHO ycTaHOBMTb ero, npe>KAe neM MMHbOH OTKpoeT cBoe 
coeAHHeHMe c xo3amhom: 


minion# echo kali-scratch >/etc/salt/minion_id 
minion# systemctl enable salt-minion 
minion# systemctl start salt-minion 


KorAa 3anymeHa salt-minion c/iy>K6a, OHa 6yAeT npo6oBaTb 
coeAHHMTbca c Salt master f\nn o6MeHa HeKOTopbiMM 
KpMnTorpacjDMHecKMMM K/iKDHaMM. Co CTopoHbi master, BaM npMASTCfl 
npMH^Tb k/ikdh, KOTopbiPi Mcno/ib3yeT minion f\nn 
caMOMASHTMcf)MKauMM, HTo6bi npoAO/i>KMTb coeAHHeHMe. 
flocneAyKDLuee coeAHHeHMe npoM30MA6T aBTOMaTMHecKM: 


master# systemctl enable salt-master 
master# systemctl start salt-master 
master# salt-key --list all 
Accepted Keys: 

Denied Keys: 

Unaccepted Keys: 
kali-scratch 
Rejected Keys: 

master# salt-key --accept kali-scratch 

The following keys are going to be accepted: 
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Jnaccepted Keys: 
call-scratch 
’roceed? [n/Y] y 

Cey for minion kali-scratch accepted. 


10.2.2 Bbino/meHne KOMaHfl Ha MMHbOHax (Minions) 

KaK TO/lbKO MMHbOHbl 6yflyT nOAK/IKDHeHbl, Bbl MO>KeTe BbinO/lHJRTb 
KOMaHAbi Ha hmx co CTopoHbi MacTepa: 


master# salt test.ping 

kali-scratch: 

True 

kali-master: 

True 


3Ta KOMaHAa 3anpai±iMBaeT Bee MMHbOHbl («*» - bto rpynnoBOM 
CMMBO/i Ann Bcex MMHbOHOB) Ann Bbino/iHeHMA cjryHKUMM ping M3 
MOAy/i^ Bbino/iHeHMa TecTa. 3Ta cjoy hkmi/i^ B03BpamaeT 3HaneHMe True 
npM ycneniHOM 3anycKe h npeACTaBJiaeT co6om npocTOM cnoco6 
y6eAHTbcsa, hto coeAHHeHMe pa6oTaeT Me>KAy MacTepoM m 
pa3/lMHHblMH MMHbOH3MM. 

Bbl T3K>Ke MO>KeTe HaCTpOMTb HaCTpOMTbCfl Ha OnpeAe/ieHHblM MMHbOH, 
yKa3aB ero MASHTMcJiMKaTop b nepBOM napaMeTpe m/im, bo3mo>kho, 
noArpynny MMHbOHOB, Mcno/ib3yfl MeHee o6mm/i rpynnoBOM cmmboji 
(H anpMMep, «* -scratch» v\nv\ « ka I i - *»). Bot npMMep toto, KaK 
Bbino/iHMTb npon3BO/ibHyK) KOMaHAy o6o/iohkm Ha minion kali- 
scratch: 


master# salt kali-scratch cmd.shell 'uptime; uname -a' 

kali-scratch: 

05:25:48 up 44 min, 2 users, load average: 0.00, 0.01, 0.05 

Linux kali-scratch 4.5.0-kalil-amd64 #1 SMP Debian 4.5.3-2kalil (2016-05-09) x86_64 
GNU/Linux 


CnpaBOHHbm MaTepna/i KacaTe/ibHO MOfly/m Salt 

CymecTByeT mhokcctbo pa3/iMHHbix MOAy/iePi Bbino/iHeHi/ia A-rm 
pa3/inHHbix c/iynaeB ynoTpe6/ieHMfl. K coKa/ieHMK), Mbi He cmokcm 
3aTpoHyTb mx Bee, ho mx no/iHbiM cnMcoK AOCTyneH no ccbi/iKe 
https://docs.saltstack.com/en/latest/ref/modules/all/index.html. Bbi 
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Tai<>Ke MOweTe no/iyHMTb onncaHne Bcex MOAy/iePi Bbino/meHmi m nx 
AOCTynHbIX C|3yHKUMM Ha AaHHOM MMHbOHe C nOMOLUbK) KOMaHAbl salt 
minion sys.doc. 3anycK btom KOMaHAbl BbiBeAeT AOBO/ibHO 6o/ibi±iOM 
CnMCOK CjDyHKUMM, HO Bbl MO>KeTe OTCjDH/lbTpOBaTb ASHHblM CnMCOK, 
yKa3aB MMfl C^yHKUMM M/1M MOAy/1?! c npeACTOflLUHM pOAHTe/lbCKMM 
MOAy.neM b KanecTBe napaMeTpa 


master# salt kali-scratch sys.doc disk.usage 

disk.usage: 

Return usage information for volumes mounted on this 
* minion 


Oahmm m3 HaM6onee no/ie3Hbix MOAy/ieM ABrmeTCfl pkg, KOTopbiM 
npeACTaB/iaeT co6om a6cTpaKUMK) AncneTnepa naKeTOB (package 
manager abstraction), nonaraK>myK)C5i Ha cooTBeTCTByKDLUMn 
MeHeA>*<ep naKeTOB A-rm CMCTeMbi (apt-get A-rm Debian m ero 
npoM3BOAHbix, t3kmx KaK Kali). 

KoMaHAa pkg.refresh_db o6HOBrmeT cnncoK naKeTOB (to ecTb 
Bbino/iHfieT apt-get update), a pkg.upgrade ycraHaB/iMBaeT Bee 
AOCTynHbie o6HOB/ieHMfl (oh Bbino/iHfleT apt-get upgrade m/im apt-get 
dist-upgrade, b 3aBMCMMOCTM ot no/iyneHHbix napaMeTpoB). KoMaHAa 
pkg.tist_upgrades nepenMcrmeT onepaunu, o>KMAaK)mne o6HOB/ieHMjR 
(KOTopbie 6yAyT Bbino/iHATbCfl kom3haom pkg.upgrade dist_upgrade = 
True). 

CepBMCHbiM MOAy/ib AB/iaeTCfl a6cTpaKUMeM MeHeAwepa cny>K6 
(systemd b c/iynae c Kali), KOTopbiM no3BO/iaeT Bbino/iHATb Bee 
o6bNHbie onepauMM systemctt: service.enabte, service.disabte, 
service, start, service.stop, service.restart m service.retoad: 
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master# salt service.enable ssh 

kali-scratch: 

True 

kali-master: 

True 

master# salt service.start ssh 

kali-master: 

True 

kali-scratch: 

True 

master# salt pkg.refreshdb 

kali-scratch: 


kali-master: 


master# salt pkg.upgrade dist_upgrade=True 

kali-scratch: 


changes: 


base-files: 


[...] 


new: 

1:2016.2.1 

old: 

1:2016.2.0 

zaproxy: 


new: 

2.5.0-0kalil 

old: 

2.4.3-0kali3 


comment: 

result: 

True 


B KanecTBe donee KOHKpeTHoro npi/iMepa Bbi MOweTe nerico HacTpoHTb 
CKaHupoBaHne Nmap c noMombK) dnmap. noc/ie ycTaHOBKi/i naKeTa 
Ha Bcex MHHbOHax Bbi 3anycTme cepBep b nepBOM TepMi/iHa/ie: 


server# salt pkg.install dnmap 

[...] 

server# vim dnmap.txt 

server# dnmapserver -f dnmap.txt 


npeflnono>KHB, hto IP-cepBepa bto 1.2.3.4, 
BceM MHHbOHaM, HTo6bi ohh 3anycTnnn 
KOTopbM noflKnKDHaeTca k cepBepy: 


Bbi MO>KeTe 
K/ii/ieHTCKi/m 


C006lHHTb 

npouecc, 
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server# salt cmd.runbg template=jinja 'dnmapclient -s 1.2.3.4 -a {{ grains.id >}' 

kali-scratch: 


pid: 

17137 


06paTMTe BHMMahme, hto b npi/iMepe i/icno/ib3yeTCfl cmd.run_bg Ann 
3anycKa KOMaHAbi dnmap_client b c^ohobom pe>KMMe. He >KAMTe, noKa 
OH 3aKOHHMTCfl, TaK OH AB/lfleTCfl OHeHb A-nuTenbHbiM npoueccoM. K 
cowa/ieHi/iK), oh He 3aBepmaeT ce6a AO/i>KHbiM o6pa30M, KorAa Bbi 
npepbiBaeTe pa6oTy cepBepa, noaTOMy BaM npi/iAeTca ero OHi/icn/iTb: 


server# salt '*' cmd.shell 'pkill -f dnmapclient' 


10.2.3 Salt States m Apyme ocobeHHOCTM 

Xorn yAa/ieHHoe Bbino/iHeHi/ie AB/iaeTCfl AOBO/ibHO TaKM Ba>KHbiM 
6jiokom, 3to /li/inib Manaa nacTb Toro, hto MO>KeT CAe/iaTb SaltStack. 

Ka>KAbm pa 3 , HacTpaMBaa HOByK) Mauii/my, Bbi 3 anycKaeTe MHO>KecTBO 
pa 3 /iMHHbix KOMaHA h TecTOB Rnn onpeAe/ieHi/m AeTa/ien cncreMbi 
nepeA ycraHOBKOM. 

3tm onepaumi MoryT 6biTb c|DopMa/iM30BaHbi b noBTopHO 
ncno/ib3yeMbix Lua6/iOHax KOHcj3nrypaunn, Ha3biBaeMbix state files. 
3aTeM onepauMi/i, om/icaHHbie b c|DaM/iax state, MoryT 6biTb Bbino/iHeHbi 
c noMombK) oahom KOMaHAbi state.apply salt. 

f\nn Toro HTo6bi caKOHOMMTb HeKOTopoe BpeMa, Bbi MO>KeTe 
no/iaraTbca Ha MHO>KecTBO roTOBbix k ncnonb30BaHMK> state cj^aM/iOB, 
KOTopbie 6bmn co3AaHbi coo6mecTBOM 1/1 KOTopbie pacnpocrpaHAiOTCfl 
b "Salt formulas": 

https://docs.saltstack.com/en/latest/topics/development/convention 

s/fomnulas. html 

TaK>xe cymecTByeT MHO>KecTBO Apyrux oco6eHHOcreM, KOTopbie 
MO>KHO KOM6MHMpOBaTb: 
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• 3annaHMpoBaHHoe Bbino/iHem/ie flePicTBuPi; 

• OnpeAe/ieHMe AePicTBuPi b otbct Ha co6brn/ifl 3 anycKaeMbie 
MMHbOHaMM; 

• C6op AaHHbIX C MMHbOHOB; 

• rapMOHMHHoe coneTaHHe noc/ieAOBaTe/ibHOCTH onepaum/i b 
H eCKO/lbKHX MMHbOHax; 

• npMMeHeHMe coctoj^hhh nepe3 SSH 6e3 ycTaHOBKM c/iy>K6bi salt- 
minion; 

• CkicTeMbi npeAOCTaB/ieHi/m 06/iaHHbix HHcJ^pacTpyKTyp m 
ynpaB/ieHMfl hmm; 

• I/I MHoroe Apyroe. 

SaltStack nBnnejcn AOBO/ibHO o6i±inpHbiM, h Mbi, k cowa/ieHi/iK), He 
MO>KeM 3aTpoHyTb Bee ct>yHKunn 3Aecb. OaKTi/inecKH, ecTb khhth, 
KOTopbie no/iHOCTbK) nocBJuueHbi SaltStack, a Tai<>Ke OH/iaPiH- 
AOKyMeHTauHjq npeACTaBrmeT co6om orpoMHbiPi n/iacr nHc|DopMaunn. 
nepePiAHTe no btom ccbi/iKe Ann Toro, HTo6bi 03HaK0MHTbca c 
AOnO/lHHTe/lbHblMM MCTOHHMKaMH MHC^OpMaUHH! 

https://docs.saltstack.com/en/latest/ 

Ec/ih Bbi ynpaB/uqeTe 3HaHMTe/ibHbiM KO/ii/mecTBOM ManiHH, BaM 6yAeT 
none3HO y3HaTb 6o/ibi±ie o SaltStack, TaK KaK Bbi MO>KeTe caKOHOMMTb 
AOBO/lbHO MHOTO BpeMeHM npM nOAK/IKDHeHHH HOBbIX MaLUHH, a T3K>Ke 
Bbi cMO>KeTe noAAep>KHBaTb comacoBaHHyK) KOHcf)nrypaunK) b cBoePi 
ce™. 

HTo6bi AaTb BaM npeACTaB/ieHHe o tom, KaK Bbir/i^AHT pa6oTa co state 
$ a Pm a mm, Mbi paccMOTpi/iM npocroPi npMMep: KaK aKTHBHpoBaTb 
peno3MTopnPi APT h ycTaHOBHTb naKeT, KOTopbiPi Bbi co3AaAHTe b 
pa3Ae/ie 10.3.3, «Co3AaHne peno3HTopna naKeTOB A-rm APT», [cTp. 
269] h b pa3Ae/ie 10.3.2 «Co3AaHne naKeTOB KOHc|DnrypauMn» [cTp. 
263]. Bbi TaK>Ke 3aperncTpnpyeTe SSH-k/ikdh b yneTHoPi 3anncn root, 
HTo6bi Bbi mot/im bomth b cMcreMy yAa/ieHHO b c/iynae B03HHKH0BeHMfl 
npo6/ieM. 

no yMO/inaHHK), cjoaM/ibi state xpaHATca b /srv/salt Ha master; bto 
cjDaPi/ibi co cTpyKTypoPi YAML m pacninpeHneM .sis. Tohho TaK >Ke, KaK 
Ann 3anycKa KOMaHA, npHMeHeHHe state 3aBncnT ot mhotmx state 
MOAy-nePi: 
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• https://docs.saltstack.com/en/latest/topics/tutorials/startinq st 
ates.html 

• https://docs.saltstack.com/en/latest/ref/states/all/ 

Bam /srv/salt/offsec.sls c()ai/i.n Bbi 30 BeT oahh m3 Tpex c/ieflyK)innx 
MOfly/iePi: 


offsec_repository: 
pkgrepo.managed: 

- name: deb http://pkgrepo.offsec.com offsec-internal main 

- file: /etc/apt/sources.list.d/offsec.list 

- key_url: salt://offsec-apt-key.asc 

- require_in: 

- pkg: offsec-defaults 

offsec-defaults: 
pkg.installed 

ssh_key_for_root: 
ssh_auth.present: 

- user: root 

- name: ssh-rsa AAAAB3NzaClyc2...89C4N rhertzog@kali 


offsec_repository state onnpaeTCfl Ha pkgrepo state module. B 
npi/iMepe ncno/ib3yeTCfl ynpaBrmeMaa cj^yHKUHfl b 3tom state MOflyne 
Arm perncTpai 4 nn peno3HTopnfl naKeTOB. C noMombK) aTpn6yTa 
key_url, Bbi AaAHTe 3HaTb salt ( boo py>KHBmuch ASCII), hto GPG 
k/ikdh, Heo6xoAHMbiPi Arm npoBepKH noAnncn peno3MTopi/m, MOweT 
6biTb M3BneHeH M3 /srv/salt/offsec-apt-key.asc y salt master. ATpn6yT 
requirejn rapamnpyeT, hto bto hto btot state 6yAeT o6pa6oTaH ao 
offsec-defaults, TaK KaK noc/ieAHm/i Aon>KeH npaBH/ibHO HacTpoHTb 
peno3MTopnPi Arm ycTaHOBKH naKeTa. 

offsec-defaults state ycTaHaB/iHBaeT naKeT c t3khm >Ke caMbiM 
MMeHeM. 3to noKa3biBaeT, hto hma K/iK)Ha oneHb nacTO jm/meTca 
AOBO/lbHO B3>KH0M Be/IHHMHOM Arm State, XOTfl OHO BCerAa MO>KeT 6blTb 
nepeonpeAe/ieHO aTpn6yT0M name (KaK bto 6bmo CAe/iaHO Arm 
npeAbiAymero state). Arm npocTbix c/iynaeB, BpoAe 3Toro, oho h 
HMTaeMoe h AOBO/ibHO KpaTKoe. 

llocneAHHPi state (ssh_key_for_root) Ao6aB/meT SSH k/ikdh, 
3aAaHHbiPi b aTpn6yTe name b /root/.ssh/ authorized_keys (ueneBoPi 
nonb30BaTe/ib yKa3aH b aTpn6yTe user). 06paTMTe BHMMaHi/ie, hto Mbi 
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coKpaTn/in k/ikdh j\r\9\ noBbiiueHM^ HMTaeMOCTM 3Aecb, ho BaM c/ieflyeT 
noMecTHTb no/iHbiPi kiikdh b aTpn6yT name. 

3tot state c|)ai/i.n Aa/iee MO>KeT 6biTb npi/iM6H6H k 3aAaHHOMy MHHbOHy: 


server# salt kali-scratch state.apply offsec 

kali-scratch: 


ID: offsec_repository 
Function: pkgrepo.managed 

Name: deb http://pkgrepo.offsec.com offsec-internal main 
Result: True 

Comment: Configured package repo 'deb http://pkgrepo.offsec.com offsec-internal 
** main' 

Started: 06:00:15.767794 
Duration: 4707.35 ms 
Changes: 


repo: 

deb http://pkgrepo.offsec.com offsec-internal main 


ID: 

Function: 

Result: 

Comment: 

Started: 

Duration: 

Changes: 


offsec-defaults 
pkg.installed 
True 

The following packages were installed/updated: offsec-defaults 

06:00:21.325184 

19246.041 ms 


offsec-defaults: 


new: 

1.0 

old: 


ID: ssh_key_for_root 
Function: ssh_auth.present 
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Name: ssh-rsa AAAAB3NzaClyc2...89C4N rhertzog@kali 
Result: True 

Comment: The authorized host key AAAAB3NzaClyc2...89C4N for user root was added 
Started: 06:00:40.582539 
Duration: 62.103 ms 
Changes: 


AAAAB3NzaClyc2...89C4N: 
New 

Summary for kali-scratch 


Succeeded: 3 (changed=3) 
Failed: 0 


Total states run: 3 

Total run time: 24.015 s 


Oh T3 K>Ke MO>KeT 6blTb nOCTOflHHO CBfl3aH C MHHbOHOM, ec/lkl ero 
3anncaTb b cjra Pine/srv/sa It/top. sis, KOTopbiPi ncnonb3yeTcn KOMaHAoPi 
state.highstate A-nn npHMeHeHMn Bcex cooTBeTCTByK)mnx states 3a 
oahh bboa: 


server# cat /srv/salt/top.sls 
base: 

kali-scratch: 

- offsec 

server# salt kali-scratch state.highstate 

kali-scratch: 


ID: offsec_repository 
Function: pkgrepo.managed 

Name: deb http://pkgrepo.offsec.com offsec-internal main 
Result: True 

Comment: Package repo 'deb http://pkgrepo.offsec.com offsec-internal main' already 
configured 

Started: 06:06:20.650053 
Duration: 62.805 ms 
Changes: 


ID: 

Function: 

Result: 

Comment: 

Started: 

Duration: 

Changes: 


offsec-defaults 
pkg.installed 
True 

Package offsec-defaults is already installed 

06:06:21.436193 

385.092 ms 


ID: ssh key for root 
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Function: ssh_auth.present 

Name: ssh-rsa AAAAB3NzaClyc2...89C4N rhertzog@kali 
Result: True 

Comment: The authorized host key AAAAB3NzaClyc2...89C4N is already present for 
** user root 

Started: 06:06:21.821811 
Duration: 1.936 ms 
Changes: 

Summary for kali-scratch 


Succeeded: 3 
Failed: 0 


Total states run: 3 

Total run time: 449.833 ms 


10.3 PaouMpehme m HacrpoMxa Kali Linux 

1/lHorAa BaM Heo6xoflMMO M3MeHMTb Kali Linux Ann Toro, HTo6bi oh 
cooTBeTCTBOBa/i BaniMM noKa/ibHbiM Hy>KflaM. JlyHLUMM cnoco6 
CAe/iaTb 3 to - noAAep>KHBaTb Bam co6cTBeHHbiPi peno3MTopnPi 
naKeTOB, b kotopom pa3MemeHbi MOAHcpnui/ipoBaHHbie Bepcm/i Kali 
naiceTOB, KOTopbie BaM npi/iAeTCfl pa3BeTBMTb, Tao<e KaK m 
A ono/iHHTenbHbie naKeTbi, KOTopbie npeAOCTaBrmiOT HacTpaMBaeMyK) 
KOHcf)MrypauMK) h Aono/iHMTe/ibHoe nporpaMMHoe o6ecneHeHi/ie (He 
npeAOCTa/iflKrrcfl Kali Linux). 


10.3.1 Pa3BeTBAeHMe naKeTOB Kali 

no>Ka/iyMCTa, 03HaK0MbTecb c pa3Ae/iOM 9.1 «MoAn<t)HKaMMfl naKeTOB 
KaIi» [cTp. 222] Ann no/iyneHi/m ochobhom MHCpopMauHM Ha 3Ty TeMy. 

Bee naKeTbi MoryT 6 biTb pa3BeTB/ieHbi, ec/in y Bac ecTb Ha to BecKaa 
npMHMHa, ho Bbi AO/i>KHbi noHMMaTb, hto pa3BeTB/ieHi/ie naKeTa HMeeT 
cbok) cTOMMOCTb, nocKO/ibKy BaM npMAeTca o 6 HOB/i?iTb ero Ka>KAbm 
pa3, KorAa Kali 0 ny 6 .n 1 /iKyeT o 6 HOB/ieHne. Hn>Ke npi/iBeAeHbi 
HeCKO/lbKO npMHMH, 3aHeM BaM MO>KeT nOHaA 06 HTbCJl pa3BeTB/iaTb 
naKeT: 

• [\nn Ao6aB/ieHi/m naTna, HTo6bi HcnpaBHTb Heno/iaAKy v\nv\ 
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Ao6aBHTb HOByK) oco6eHHOCTb. Xom b 6o/ibLUMHCTBe cnynaeB BaM 
3axoHeTca nepeAaTb btot naTH cooTBeTCTBy kdluhm pa3pa6oTHHKaM 
Ann Toro, HTo6bi ohm McnpaBM/iM AaHHyio Heno/iaAKy y ce6a m/im 
A 06aBM/lM HOByK) 0C06eHH0CTb B MCTOHHMK. 

• f\nn KOMnM/ijquMM ero c pa3/iMHHbiMM napaMeTpaMM (npM yc/iOBMM, 
hto y Bac ecTb BecKMe npMHMHbi, no KOTopbiM Kali paHee He 
CAe/ia/ia btoto mx c btmmm napaMeTpaMM, MHane 6bino 6bi /lynnie 
o6cyAHTb 3T0 c pa3pa6oTHMKaMM Kali, HTo6bi y3HaTb, MoryT/iM ohm 
aKTMBMpoBaTb Hy>KHbie napaMeTpbi). 

• B OT/iMHMe ot BbiLuenepeHMc/ieHHbix npMHMH, HM>Ke Mbi npMBe/iM 
HecKO/ibKO He oneHb npMATHbix momchtob, KOTopbie MoryT 
BbmyAMTb Bac npM6erHyTb k pa3BeTB/ieHMK) naKeTa. Tao<e, Mbi 
yKa3anM HecKO/ibKO peKOMeHAauMM no noBOAy toto, KaK 
pa3peniMTb 3tm npo6/ieMbi: 

• f\nn toto HTo6bi MOAnc|)Mi4MpoBaTb cjoaM n KOHcf)MrypauMM. y Bac 
TaK>Ke ecTb HecKO/ibKO 6o/iee yAo6Hbix BapMaHTOB cAe/iaTb bto, 
HanpMMep, Mcno/ib30BaTb ynpaB/ieHMe KOHc|3Mrypai4MeM Ann 
aBTOMaTMHeCKOM yCTaHOBKM MOAHC|3MUMpOBaHHOrO C^aM/ia 
KOHcf)MrypauMM m/im ycTaHOBKM naKeTa KOHcf)MrypauMM, KOTopbiM 
noMecTMT cjDaMn b AnpeKTopMK) KOHcf)MrypauMM (KorAa bto 
bo3mo>kho) m/im HanpaBMT b ApyryK) CTopoHy McxoAHbiM c^aPm 
KOHcf)MrypauMM. 

• f\nn o6HOB/ieHMjq ao nocneAHeM hobom BepcMM. I/I cHOBa xotmm 
o6paTMTb Bame BHMMaHMe Ha to, hto /lynwe pa6oTaTb c 
pa3pa6oTHMKaMM a/ o6HOBneHM?i naKeTa Hanp^Myio b Debian m/im 
Kali. C MOAe/ibK) rolling release o6HOB/ieHMfl HaMHoro 6biCTpee 
AOCTMTHyT KOHenHbix no/ib30BaTe/ieM. 

CpeAH Bcex AOCTynHbix naKeTOB, cymecTByiOT HeKOTopbie, KOTopbie 

nBnn\orcn ochobhbimm CTpoMTe/ibHbiMM 6/iOKaMM Kali Linux, m b 

HeKOTopbix cMTyaMMjqx mx pa3BeTBneHMe MO>KeT 6biTb AOBO/ibHO 

MHTepeCHbIM: 

• kali-meta: btot McxoAHbiM naKeT co3AaeT Bee MeTa naKeTbi kali- 
linux-* m b oco6eHHOCTM kali-linux- full, KOTopbiM onpeAe/meT, 
KaKMe naKeTbi ycraHOB/ieHbi b ISO o6pa3e Kali Linux no 
yMO/lHaHMK). 

• desktop-base: btot mcxoahbim naKeT coasp>kmt mhokcctbo 
pa3HOo6pa3Hbix c^aM/iOB, KOTopbie Mcno/ib3yKmm no yMO/iHaHMK) b 
ycTpoPicTBax pa6onero cTO/ia. PaccMOTpMTe B03M0>KH0CTb 
pa3BeTBneHM^ btoto naKeTa, ec/iM Bbi xoTMTe noKa3aTb 6peHA 
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BaweM opraHM3aunn b c|dohobom pe>KMMe no yMO-nnaHmo m/im 
M 3MeHMTb TeMy pa6onero cTO/ia. 

• kali-menu: btot naiceT onpeAe/ifleT cTpyKTypy Kali MeHK) n 
npeAOCTaBnfieT .desktop cjoaM/ibi A-rm Bcex npmio>KeHm/i, KOTopbie 
AO/i>KHbi 6biTb nepeHMc/ieHbi b Kali MeHK). 


10.3.2 Co3A,aHMe naKeTOB KOHC^kirypaL^MM 

Tenepb, KorAa Mbi KOCHyrmcb 3arpy3KM PXE m o6cyAn/in ynpaB/ieHi/ie 
KOHc^MrypauMePi c noMombK) Salt-Stack, a TaK>Ke 3aTpoHynn Bonpoc o 
pa3BeTB/ieHMM naKeTOB, HacTa/io BpeMA nepeBecm btm npoqeccbi b 
npaKTMHecKMM npi/iMep m pacwi/ipi/iTb cueHapi/m, co3AaB co6cTBeHHbm 
KOHcfji/irypauMOHHbiM naKeT A-rm pa3BepTbiBaHna Hacrpai/iBaeMOi/i 
KOHcJ^MrypauMH Ha HecKO/ibKi/ix Mawi/max no/iyaBTOMaTi/mecKi/i. 

B 3tom npi/iMepe Bbi co3AaAHTe HacTpai/iBaeMbii/i naKeT, KOTopbiPi 
ycTaHaBnMBaeT m ncno/ib3yeT Bam co6cTBeHHbm peno3MTopm/i 
naKeTOB 1/1 k/ikdh noAni/ici/i GnuPG, pacnpeAe/iaeT KOHcjDi/irypaui/iK) 
SaltStack, npeAOCTaB/iaeT eAUHbiM cnoco6oM HacTpoMKi/i pa6onero 
CTO/ia no yMO/inaHHK) A-rm Bcex Bai±inx ycTponcTB Kali. 

3to MO>KeT noKa3aTbca c/iokhom 3aAaneM (oco6eHHO, ecrm Bbi 
3arrmHeTe b pyKOBOACTBO Debian New Maintainer Guide 44 ), ho, k 
cnacTbK), A-rm Hac naKeT KOHc^MrypauMM - bto b ochobhom c/io>KHbiM 
c^akinoBbiM apxMB m npeBpameHi/ie ero b naKeT AOBO/ibHO npocTO. 


M3yneHMe npuMepa naxeTa 

Ecm/i Bbi xoTHTe M3yHMTb pea/ibHbiPi naKeT, KOTopbiPi flBrmeTCfl b 
ochobhom naKeTOM KOHc^MrypauHM, paccMOTpMTe naKeT kali-defaults. 
Oh He TaK npocT, KaK npMMep npHBeAeHHbiM b btom pa3Ae/ie, ho oh 
MM eeT Bee cooTBeTCTByK>mne xapaKTepncTMKi/i m Aa>Ke ncno/ib3yeT 
HeKOTopbie nepeAOBbie MeTOAbi (HanpMMep, dpkg-divert) A-ns 3aMeHbi 
cjDaM/iOB, y>Ke npeAOCTaB/ieHHbix ApyrnMi/i naKeTaMi/i. 


naKeT offsec-defaults 6yAeT coAepwaTb HecKO/ibKO c^ai/moB: 

• /etc/apt/sources.list.d/offsec.list: sources.list 3anncb A-rm APT, 


44 https://www. debian.org/doc/manuats/maint-guide/ 
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KOTopaa Ae/iaeT AOCTynHbiM BHyTpeHHMM peno3MTopMM naiceTOB 
KOMnaHMM. 

• /etc/apt/trusted.gpg.d/offsec.gpg: k/ikdh GnuPG, KOTopbiM 
ncnonb3yeTCfi A-rm noArmcM BHyTpeHHero peno3MTopnfi naKeTOB 
KOMnaHMM. 

• /etc/salt/minion.d/offsec.conf: cpaM/i KOHcpMrypauMM SaltStack, 
KOTopbiPi Mcno/ib3yeTCfl A-n^ Toro, HTo6bi onpeAe/iMTb, r^e HaPiTM 
Salt master. 

10.3.3 Co 3 A,aHMe peno3MTopMfl naKeTOB f\nn APT 

Tenepb, KorAa y Bac ecTb co6cTBeHHbiM naKeT, Bbi MO>KeTe 
pacnpocTpaH^Tb ero nepe3 peno3MTopMM naKeTOB APT. l/lcno/ib3yMTe 
reprepro A-n^ co3AaHMfl we/iaeMoro peno3MTopM?i m ero HanormeHMA. 
3T0T MHCTpyMeHT AOBO/lbHO MOLUHbIM, M erO CnpaBOHHyK) CTpaHMUy, 
6e3yc/iOBHO, ctomt npoHMTaTb. 

Peno3MTopMM naKeTOB o6bNHO pa3MemaeTCfl Ha cepBepe. HTo6bi 
npaBM/ibHO OTAe/iMTb ero ot Apyrnx cny>K6, 3anymeHHbix Ha cepBepe, 
/lyHLue Bcero co3AaTb no.nb30BaTe.rm, cneqMa/ibHO npeAHa3HaneHHoro 
A/m 3 tom cny>K6bi. B 3 tom cneuMa/ibHOM yneTHOM 3anMCM 
no/ib30BaTe/iB Bbi cMO>KeTe pa3MemaTb cpaM/ibi peno3MTopMA, a TaK>Ke 
k/ikdh GnuPG, KOTopbiPi 6yAeT Mcno/ib30BaTbCfl A-n^ noAriMCM 
peno3MTopMA naKeTOB: 


346 


# apt install reprepro gnupg 

[...] 

# adduser --system --group pkgrepo 

Adding system user 'pkgrepo' (UID 136) ... 

Adding new group 'pkgrepo' (GID 142) ... 

Adding new user 'pkgrepo' (UID 136) with group 'pkgrepo' ... 

Creating home directory '/home/pkgrepo' ... 

# chown pkgrepo $(tty) 

# su - -s /bin/bash pkgrepo 
$ gpg --gen-key 

gpg (GnuPG) 2.1.11; Copyright (C) 2016 Free Software Foundation, Inc. 

This is free software: you are free to change and redistribute it. 

There is NO WARRANTY, to the extent permitted by law. 

gpg: directory '/home/pkgrepo/.gnupg' created 

gpg: new configuration file '/home/pkgrepo/.gnupg/dirmngr.conf’ created 
gpg: new configuration file '/home/pkgrepo/.gnupg/gpg.conf' created 
gpg: keybox '/home/pkgrepo/.gnupg/pubring.kbx' created 
Note: Use "gpg --full-gen-key” for a full featured key generation dialog. 

GnuPG needs to construct a user ID to identify your key. 

Real name: Offensive Security Repository Signing Key 
Email address: repoadmin@offsec.com 
You selected this USER-ID: 

"Offensive Security Repository Signing Key <repoadmin@offsec.com>" 

Change (N)ame, (E)mail, or (0)kay/(Q)uit? o 

We need to generate a lot of random bytes. It is a good idea to perform 
some other action (type on the keyboard, move the mouse, utilize the 
disks) during the prime generation; this gives the random number 
generator a better chance to gain enough entropy. 

[...] 

gpg: /home/pkgrepo/.gnupg/trustdb.gpg: trustdb created 
gpg: key B4EF2D0D marked as ultimately trusted 
gpg: directory '/home/pkgrepo/.gnupg/openpgp-revocs.d' created 
gpg: revocation certificate stored as '/home/pkgrepo/.gnupg/openpgp-revocs.d/ 
F8FE22F74F1B714E38DA6181B27F74F7B4EF2D0D.rev’ 
public and secret key created and signed. 

gpg: checking the trustdb 

gpg: marginals needed: 3 completes needed: 1 trust model: PGP 
gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, lu 
pub rsa2048/B4EF2D0D 2016-06-17 (S) 

Key fingerprint = F8FE 22F7 4F1B 714E 38DA 6181 B27F 74F7 B4EF 2D0D 
uid [ultimate) Offensive Security Repository Signing Key <repoadmin@offsec.com> 

sub rsa2048/38035F38 2016-06-17 [) 


06paTHTe BHMMaHi/ie, hto Koraa BaM 6yaeT npeA-noweHO BBecTu 
MAeHTncf)HKauMOHHyK) ct>pa3y, Bbi AO/i>KHbi BBecTu nycroe 3HaHeHMe (m 
noATBepAMTb, hto Bbi He xoTHTe 3ammnaTb cbom 3aKpbiTbiPi k/ikdh), 
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nOCKO/lbKy Bbl XOTMTe HMeTb B03M0>KH0CTb nOflni/ICaTb pen03MT0pMM 
He HHTepaKTHBHO. TaK>Ke o6paTHTe BHMMaHMe, hto gpg Tpe6yeT 
AOCTyn f\y\9\ 3anMCM K TepMMHa/iy, HT 06 bl HMeTb B03M0>KH0CTb 
6e3onacHO 3anpaLunBaTb nAeHTncf)HKaunoHHyK) cf)pa3y: mmchho 
no3TOMy Bbi n3MeHnnn npaBa co6cTBeHHOCTM Ha BnpTyanbHbiPi 
TepMMHan (KOTopbM npMHaAne>KMT root, TaK KaK Bbi nepBOHananbHO 
6bmn noAK/iK)HeHbi KaK btot nonb30BaTenb), npe>KAe neM 3anycKaTb 
o6onoHKy KaK pkgrepo. 

Tenepb Bbi MOweTe HanaTb HacrpoPiKy peno3MTopMn. fl/ia reprepro 
Heo6xoAHMa cneuManbHan AMpeKTopMn, m BHyTpi/i btoPI AnpeKTopnn 
BaM Heo6xoAHMO co3AaTb cj^aPin conf/distributions, b kotopom 
onMcaHbi, KaKkie AncTpn6yTHBbi AOCTynHbi b peno3MTopnn naKeTOB: 


$ mkdir -p reprepro/conf 
S cd reprepro 

S cat >conf/distributions «END 
Codename: offsec-internal 
AlsoAcceptFor: unstable 
Origin: Offensive Security 
Description: Offsec's Internal packages 
Architectures: source amd64 i386 
Components: main 

SignWith: F8FE22F74F1B714E38DA6181B27F74F7B4EF2D0D 
END 


06?i3aTe/ibHbie nonn: Codename, b kotopom yKa3biBaeTcn mm n 
AMCTpM6yTMBa «ApxMTeKTypa» (Architectures), KOTopoe yKa3biBaeT, 
KaKMe apxMTeKTypbi 6yAyT AOCTynHbi b AMCTpM6yTMBe (m yTBep>KASHbi 
bo BpeMfl BBOAa), m «KoMnoHeHTbi» (Components), hto yKa3biBaeT Ha 
pa3/iMHHbie KOMnoHeHTbi, AOCTynHbie b AMCTpM6yTMBe (KOMnoHeHTbi 
CBoero poAa noApa3AeneHMe AncrpM6yTMBa, KOTopoe MO>KeT 6biTb 
BK/iKDneHO OTAe/ibHO b sources.list APT). 

non* «I/1ctohhmk» (Origin) m «OnMcaHMe» (Description) nBnnKrrcn 
HMCTO MHCjDOpMaTMBHblMM, M OHM KOnMpyiOTCfl KaK eCTb M3 Cj^aMTia 
Release, none SignWith npocMT reprepro noAnMcaTb peno3MTopMPi c 
noMombK) Kniona GnuPG, nePi MASHTMcf)MKaTop BKmoneH b cnMcoK 
(noMecTMTe 3Aecb nonHyio KOHTponbHyio cyMMy cj^aPina, HTo6bi 
y6eAMTbcn, hto Bbi Mcnonb3yeTe npaBMnbHbiPi Knion, a He ApyroPi c 
kopotkmm MASHTMcf)MKaTopoM). napaMeTp AlsoAcceptFor He 
Tpe6yeTcn, ho no3BonneT o6pa6aTbiBaTb cj^aPinbi .changes, Hbe none 
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Distribution MMeeT 3HaHeHMe, yKa3aHHoe 3flecb (6e3 3Toro oho 6yfleT 
npMHMMaTb TO/ibKO KOflOBoe v \ M 9 \ AMCTpn6yTHBa b 3tom none). 


l/lcno/ib3yfl 3Ty 6a30ByK) HacrpoPiKy, Bbi MO>KeTe no3BO/iMTb reprepro 
creHepi/ipoBaTb nycTOH peno3HTopnPi: 

$ reprepro export 

Exporting indices... 

$ find . 

./db 

./db/version 

./db/references.db 

./db/contents.cache.db 

./db/checksums.db 

./db/packages.db 

./db/release.caches.db 

./conf 

./conf/distributions 
./dists 

./dists/offsec-internal 
./dists/offsec-internal/Release.gpg 
./dists/offsec-internal/Release 
./dists/offsec-internal/main 
./dists/offsec-internal/main/source 
./dists/offsec-internal/main/source/Release 
./dists/offsec-internal/main/source/Sources.gz 
./dists/offsec-internal/main/binary-amd64 
./dists/offsec-internal/main/binary-amd64/Packages 
./dists/offsec-internal/main/binary-amd64/Release 
./dists/offsec-internal/main/binary-amd64/Packages.gz 
./dists/offsec-internal/main/binary-i386 
./dists/offsec-internal/main/binary-i386/Packages 
./dists/offsec-internal/main/binary-i386/Release 
./dists/offsec-internal/main/binary-i386/Packages.gz 
./dists/offsec-internal/InRelease 


KaK Bbi MO>KeTe Bi/iaeTb, reprepro co3Aa/i MeTaflaHHbie peno3HTopmq b 
noAKaTa/iore dists. Oh TaK>Ke nHnuMann3npoBa/i BHyTpeHHKDK) 6a3y 
AaHHbix b noAKaTa/iore db. 

HacTano Bpeym Ao6aBHTb Bam nepBbiPi naKeT. CHana/ia cKonupyi/iTe 
c^aPi/ibi, creHepnpoBaHHbie c6opKoPi naKeTa offsec-defaults (offsec- 
defaults_1.0.dsc, offsec-defaults_1.0.tar.xz, offsec- 

defaults_1.0_all.deb m offsec-defaults_1.0_amd64.changes) b /tmp 
Ha cepBepe, Ha kotopom pa3MemeH peno3MTopm/i naiceTOB, h cKa>KHTe 
reprepro BK/iK)HMTb naKeT: 
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$ reprepro include offsec-internal /tmp/offsec-defaults_1.0_amd64.changes 

Exporting indices... 

$ find pool 

pool 

pool/main 

pool/main/o 

pool/main/o/offsec-defaults 

pool/main/o/offsec-defaults/offsec-defaults_1.0.dsc 
pool/main/o/offsec-defaults/offsec-defaults_1.0.tar.xz 
pool/main/o/offsec-defaults/offsec-defaults_1.0_all.deb 


Kai< Bbi MO>KeTe BMAeTb, oh Ao6aBnn cjDaPinbi b cboh co6cTBeHHbiPi ny/i 
naKeTOB b noAKaTa/iore ny/ia. 

KaTa/iom dists h pool - bto Aae AnpeKTopi/iH, KOTopbie Heo6xoAHMO 
CAe/iaTb (o6me) AOcrynHbiMi/i nepe3 HTTP, HTo6bi 3aBepi±iMTb 
HacTpoPiKy Bamero peno3MTopnfl APT. Ohh coAsp>KaT Bee $av\r\b\, 
KOTopbie APT 3axoneT 3arpy3HTb. 

llpeAno/iara^, hto Bbi xoTHTe pa3MecTHTb 3 to Ha Bi/ipTya/ibHOM xocTe 
noA H33BaHneM pkgrepo.offsec.com, Bbi MO>KeTe co3AaTb 
cooTBeTCTByK)mnPi ct>ai/i.n KOHct>nrypaunn Apache, coxpaHHTb ero b 
/ etc/apache2/sites- available/pkgrepo. offsec.com.conf, m 
aKTHBMpoBaTb ero c noMombK) a2ensite pkgrepo.offsec.com): 


<VirtualHost *:80> 

ServerName pkgrepo.offsec.com 
ServerAdmin repoadmin@offsec.com 

ErrorLog /var/log/apache2/pkgrepo.offsec.com-error.log 

CustomLog /var/log/apache2/pkgrepo.offsec.com-access.log "%h %l %u %t \"%r\” %>s %0" 

DocumentRoot /home/pkg repo/rep repro 

<Directo ry "/home/pkg repo/rep rep ro"> 

Options Indexes FollowSymLinks MultiViews 
Require all granted 
AllowOverride All 
</Directory> 

</VirtualHost> 


I/I cooTBeTCTByiomaji 3anncb sources. list A-rm Ao6aB/ieHi/m Ha 
ManiHHax, KOTopbie Hy>KAaK)TCJi b naKeTax H3 btoto peno3HTopna, 
6yAeT Bbir/i^AeTb TaK: 
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deb http://pkgrepo.offsec.com offsec-internal main 


# Enable next line if you want access to source packages too 

# deb-src http://pkgrepo.offsec.com offsec-internal main 


Tenepb Bam naKeT ony6/iMKOBaH m Aon>KeH 6biTb AOcryneH flna BarniMx 
ceTeBbix XOCTOB. 

XOTfl 3T0 6bma AOBO/lbHO T3KM fl/lHTe/lbHa?! yCTaHOBKa, «Ta>KenblM 
TpyA» HaKOHeu 3aBepmeH. Bbi MOweTe 3arpy>KaTb cbom ceTeBbie 
MamMHbi nepe3 PXE, ycraHaB/iMBaTb MHAMBMAya/ibHyio BepcMK) Kali 
Linux 6e3 HenocpeflCTBeHHoro B3auM0AeMCTBMjR 6/iaroAapa 
npeAOCTaB/ieHHOMy ceTbK) preseed, HacTpauBaTb SaltStack A-rm 
ynpaB/ieHMjR BarnMMM KOHC^urypaMuaMM (m kohtpo/ik) HaA 
MMHbOHaMM!), co3AaBaTb pa3BeTBneHHbie no/ib30BaTe/ibCKMe naKeTbi 
m pacnpocrpai-mTb btm naKeTbi nepe3 Bam co6cTBeHHbiM naKeTHbiM 
peno3MTopnPi. 3to o6ecnenMBaeT 14 eHTpa.n 1 / 130 BaHH 0 e ynpaB/ieHi/ie m 
KOHTpo/ib ypoBHjR npeAnpi/mTi/m Ha HecKO/ibKMx ycrpoi/icTBax Kali 
Linux. Kopone roBopfl, Tenepb Bbi MO>KeTe 6biCTpo pa3BepTbiBaTb 
BbicoK03ammueHHbie cMcreMbi Kali, npeAeapHTe/ibHO 

CKOHcj3MrypnpoBaHHbie A-n^ BarniMx KOHKpeTHbix noTpe6HOCTeM, m 
CMHxpoHH3npoBaTb mx 6/iaroAapa (nonyaBTOMaTMHecKOM) ycTaHOBKe 
Bcex o6HOB/ieHMM naKeTa Kali. 


10.4 noABeAGM morn 

Kali Linux MO>KeT Mcno/ib30BaTbCfl b pa3/iMHHbix qermx m Ha 
pa3/lMHHblX ypOBHJRX, HaHMHa OT OAHHOHHOrO n0/lb30BaTe/lfl M 
3aKaHHMBaa ypoBHeM npeAnpMATMA. B btom rnaBe Mbi 3aTpoHy/iM 
BOnpOCbl OTHOCMTe/lbHO TOTO, K3KMM 06pa30M UeHTpanM30BaTb 
ynpaBneHMe MHO>KecTBOM ycTpoPicTB Kali c noMombK) SaltStack, 
n03B0fmfl BaM 6blCTpO pa3B0paHMBaTb BblC0K03aiAHmeHHbie CMCTeMbl 
Kali, npeABapMTenbHO HacTpoeHHbie noA Bamn KOHKpeTHbie Hy>KAbi. 
Mbl T3 K>Ke nOKa3a/lM, KaK Bbi MO>KeTe CMHXpOHM3MpOBaTb MX 
6/iaroAapa (nonyaBTOMaTMHecKOM) ycTaHOBKe o6HOB/ieHMM naKeTOB 
Kali. 

Mbi o6cyAn/iM pa3BeTBneHMe naKeTOB, KOTopoe no3BormeT co3AaBaTb 
co6cTBeHHbie HacrpaMBaeMbie AHCTpM6yTMBHbie McxoAHbie naKeTbi. 
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BicpaTue, flaBaPiTe paccMOTpMM ocHOBHbie warn, Heo6xoflMMbie Ann 
co3AaH ha Salt MacrepoB n mhhbohob, KOTopbie no3BO/iflK)T 
ocymecTB/iflTb AHCTaHUHOHHoe ynpaB/ieHne n HacrpoPiKy y^a/iem-ibix 
XOCTOB. 

OCHOBHbie MOMeHTbi: 

• 3arpy3MTe Mawi/my H3 ceTi/i c PXE, c TFTP c^aPi/iOBbiM cepBepoM, 
DHCP/BOOTP cepBepoM (h Be6-cepBepoM c debconf preseeding). 
dnsmasq o6pa6aTbiBaeT KaK DHCP h TFTP, a apache2 Be6- 
cepBep ycTaHOBneH 3apaHee (ho 3a6/iOKnpoBaH) Ha Kali. 

• PyKOBOACTBO no ycrraHOBKe Debian 3aTparnBaeT ycTaHOBKy isc- 
dhcp-server h tftpd-hpa Ann 3arpy3Kn PXE: 

• https://www.debian.org/releases/stable/amd64/ch04s05.html 

• dnsmasq HacrpoeH nepe3 /etc/dnsmasq.conf. 5a30Bafl 
KOHc|3i/irypai4Hfl coctoht Bcero H3 HecKO/ibKnx K/iK)HeBbix ctpok: 


# Network interface to handle 
interface=eth0 

# DHCP options 

# IP range to allocate 

dhcp-range=192.168.101.100,192.168.101.200,12h 

# Gateway to announce to clients 
dhcp-option=option:router,192.168.101.1 

# DNS servers to announce to clients 

dhcp-option=option:dns- serve r,8.8.8.8,8.8.4.4 

# Boot file to announce to clients 
dhcp-boot=pxelinux.0 

# TFTP options 
enable-tftp 

# Directory hosting files to serve 
tftp-root=/tftpboot/ 


• PacnaicyMTe 32-pa3pnAHbie (i386), 64-pa3pRAHbie (amd64), 
CTaHAapTHbie h/ih rpac|}HHecKne (gtk) ycraHOBOHHbie c^aM/ibi 
3arpy3Kn H3 apxHBa Kali b /tftpboot/. Apxi/iBbi mo>kho HaPiTn 3Aecb: 

http://http.kali.org/dists/kali-rollinq/main/installer-amd64/current/ 

images/netboot/gtk/netboot.tar.gz 

http://http.kali.org/dists/kali-rollinq/main/installer-amd64/current/ 

images/netboot/netboot.tar.gz 
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http://http.kali.org/dists/kali-rollinq/main/installer-i386/current/ 

images/netboot/gtk/netboot.tar.gz 


http://http.kali.org/dists/kali-rollinq/main/installer-i386/current/ 

images/netboot/netboot.tar.gz 


# mkdir /tftpboot 

# cd /tftpboot 

# wget http://http.kali.org/dists/kali-rolling/main/installer-amd64/current/ 

• images/netboot/netboot.tar.gz 

# tar xf netboot.tar.gz 


• B cnynae Heo6xoflMMOCTM n3Mem/iTe txt.cfg HTo6bi noABepmyrb 
npecnAUHry napaMeTpbi mjim no/ib30BaTe/ibCKHM jimmht BpeMeHn. 
Cmotpm pa3Ae/i 4.3, "ABTOMaTi/mecicne ycTaHOBKi/i” [cTp. 91]. 3aTeM 
Bbi MO>KeTe ncno/ib30BaTb MHCTpyMeHTbi ynpaB/iem/m 
KOHcjDurypauMeM A-na ynpaB/ieHi/m MamuHaMM h/im HacrpoMKM 
yAa/ieHHbix KOMnbKrrepoB ao ziK)6oro >Ke/iaeMoro BaM coctoahi/im. 

• SaltStack nsnneTcn 14 eHTpa.n 1 / 130 BaHH 01 /i c/iy>K6oPi ynpaB/ieHna 
KOHctDurypaunePi: Salt master ynpaBrmeT MHO>KecTBOM Salt 
MMHbOHOB. YcTaHOBUTe naKeT salt-master Ha AOcrynHbiPi cepBep 
1/1 salt-minion ynpaBrmeMbix KOMnbKrrepax. 

• OTpeAa kth pyMTe dpav\n K 0 Hct>nrypai 4 nn /etc/salt/minion YAML- 
formatted 1/1 ycTaHOBHTe master k/ikdh A-rm DNS i/iMeHi/i (nrin IP 
aApeca) Salt MacTepa. 

• YcTaHOBHTe yHMKanbHblPi MAeHTHC|3HKaT0p MHHbOHOB B 
/etc/salt/minion Jd: 


minion# echo kali-scratch >/etc/salt/minion_id 
minion# systemctl enable salt-minion 
minion# systemctl start salt-minion 


• fla/iee i/iact o6MeH K/iKDHaMi/i. master, npi/iHi/iMaeT k/ikdh 
ayTeHTncf)HKai4HM MHHbOHa. rioc/ieAyK)mee coeAHHeHi/ie npoPiAeT 
aBTOMaTHHeCKH. 


master# systemctl enable salt-master 
master# systemctl start salt-master 
master# salt-key --list all 
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Accepted Keys: 

Denied Keys: 

Unaccepted Keys: 
kali-scratch 
Rejected Keys: 

master# salt-key --accept kali-scratch 

The following keys are going to be accepted: 

Unaccepted Keys: 

kali-scratch 

Proceed? [n/Y] y 

Key for minion kali-scratch accepted. 


• KaK TO/lbKO MUHbOH n0K/lK)HeH, Bbl MO>KeTe BbinO/ll-mTb KOMaHflbl 
Ha hhx c master KOMnbKrrepa. flpi/iMepbi: 


master# salt test.ping 

kali-scratch: 

True 

kali-master: 

True 

master# salt kali-scratch cmd.shell 'uptime; uname -a' 
master# salt kali-scratch sys.doc' 
master# salt service.enable ssh 


[...] 

master# salt service.start ssh 


[...] 

master# salt 
[...] 

master# salt 
server# salt 


pkg.refreshdb 

pkg.upgrade dist_upgrade=True 
cmd.shell ’pkill -f dnmapclient' 
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HacTb 11: EteeAeHMe b oi^eHKy 6e3onacHOCTM 
CoflepnoHne: 

11.1 Kali Linux b oueHKe 

11.2 Tunbi oqeHOK 

11.3 0 opMa.n 1 / 13 a 141 /m oueHKM 

11.4 Tunbi aTaic 

11.5 lloflBeAeM i/itotm 

K/noneBbie c/iOBa r/iaBbi: 

• Tunbi oqeHOK 

• OqeHKa yfl 3 BMM 0 CTi/i 

• TecTkipoBaHue Ha npoHi/iKHOBeHi/ie Ha ocHOBe cooTBeTCTBi/m 

• TpaAHUMOHHoe TecTkipoBaHHe Ha npoHi/iKHOBeHi/ie 

• OueHKa npn/io>KeHi/m 

• Tunbi aTaK 

• DOS aTaica 

• rioBpe>KASHi/ie naMflTi/i Be6-yfl3BHMOCTi/i 

• ATaK m B3/iOMa napo/m 

• ATaKi/i Ha K/ii/ieHTa 
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Mbi ocBeTM/iM AOCTaTOHHO oco6bix cbohctb Kali Linux, noaTOMy y Bac 
AO/i>kho 6biTb xopomee noHUMaHne Toro, hto Ae/iaeT Kali Linux 
oco6eHHbiM, n KaK cnpaBUTbCjq c p^aom c/io>KHbix 3aAan. 

CymecTByeT HecKO/ibKO KOHuenunn OTHOCHTe/ibHO oueHKH 
6e3onacHOCTM, KOTopbie BaM c/ieAyeT noHHMaTb nepeA Hana/iOM 
Mcnonb30BaHM^ Kali. B btoh maBe Mbi npeACTaBUM 3th KOHuenunn n 
npeAOCTaBMM ccbi/iKH, KOTopbie cMoryT OKa3aTb noMomb, ec/in BaM 
Hy>KHO ncnonb30BaTb Kali f\nn Bbino/iHeHHJi oueHKH 6e3onacHOCTH. 
Ana Hana/ia Tpe6yeTCJi KaKoe-TO BpeMJi, HTo6bi neTKO noHJiTb, hto 
03HanaeT «6e3onacHOCTb» npn pa6oTe c HHcjDopMauHOHHbiMH 
cucTeMaMM. ripi/i nonbiTKe o6e3onacnTb HHc^opMaunoHHyK) cncreMy 
Bbi KOHueHTpi/ipyeTecb Ha Tpex nepBHHHbix cBoncTBax cncreMbi: 

• KoHcpM/ieHUManbHOCTb: MoryT nv\ AencTByiOLune zinua, y KOTopbix 
HeT AOCTyna k cncreMe n/in HHcj^opMaunn, no/iynnTb AOCTyn? 

• Ue/iocTHOCTb: MO>xeT nv\ cncreMa v\nv\ AaHHbie 6biTb n3MeHeHbi TeM 
n nv\ HHbiM cnoco6oM, ec/in bto He 6bmo 3an/iaHnpoBaHO? 

• flocTynHOCTb: mo>kho nv\ no/iynnTb AOCTyn k AaHHbiM n/in cncreMe 
npMBblHHblM cnoco6oM? 

Bee BMecTe bth Tp n KOMnoHeHTa o6pa3yK)T CIA TpnaAy 
((Confidentiality, Integrity, Availability) h/ih KI4fl TpnaAy 
(KoH<fimeHUMafibHOCTb, UenocTHoerb, AocrynnocTb )) h, no 6o/ibi±ien 
H3CTH, J1B/1J1K)TCJ1 nepBHHHblMH nyHKTaMH, Ha KOTOpbIX Bbl 
cocpeAOTOHMTe CBoe BHHMaHne npH oueHKe 6e3onacHOCTn, KaK Haem 
CTaHAapTHoro pa3BepTbiBaHHJi cncreMbi, ee noAAep>KKH huh oueHKH. 

Ba>KHO OTMeTHTb, hto b HeKOTopbix c/iynajix Bbi MO>KeTe 6biTb 6o/ibiiie 
o6ecnoKoeHbi oahhm KOMnoHeHTOM TpnaAbi CIA, neM ApyrHMH. 
HanpHMep, ec/in y Bac ecTb /lnnHbin >KypHa/i, coAepwamHH Banin 
CaMbie CeKpeTHbie MbIC/lH, TO COOTBeTCTBeHHO KOHC^HAOHUHa/lbHOCTb 
>KypHana MO>KeT 6biTb 6o/iee Ba>KHa A-rm Bac, neM, k npnMepy, ero 
ue/iocTHOCTb h AOCTynHOCTb. flpyrHMH c/iOBaMM, Bac He 6yAeT 
6ecnoKOHTb, cMO>KeT /in kto-/ih6o HanncaTb hto-to b >KypHa/ie, n/in 
6yAeT /in oh BcerAa nsnmbcn AOCTynHbiM. C Apyron cTopoHbi, ec/in 
Bbi 3amnLuaeTe cncTeMy, KOTopasi coAepwnT n OTc/ie>KnBaeT 
MeAnunHCKne npeAnncaHna, to ue/iocTHOCTb AaHHbix 6yAeT oneHb 
Ba>KHa. T.k. oneHb b3>kho, HTo6bi Apyrne /ikdah He cMor/in no/iynnTb 
AOCTyn k AaHHbiM KacaTe/ibHO Toro, KaKne MeAHKaMeHTbi npnMeHJieT 
tot h/ih hhoh nauneHT, a TaK>Ke oneHb b3>kho, HTo6bi Bbi 6bmn 
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yBepeHbi, hto /imhho 06/iaAaeTe AOcrynoM k cnucKy MeflMKaMeHTOB; 
ec/iM >Ke kto-to cMO>KeT n3MeHMTb coAepwaHMe CMCTeMbi (Hapyuiaa 
uenocTHOCTb), bto MO>KeT npMBecTu k pe3y/ibTaTaM, yrpo>KaK)LunM 
>KM3HM He/lOBeKa. 

Konaa Bbi nbiTaeTecb o6e3onacMTb cMcreMy, m y Bac bo3hmk Bonpoc, 
BaM c/ieflyeT onpeAe/iMTbCfl k KaicoPi H3 KOHuenunPi h/ih hx coneTaHMio 
othocmtca bo3hmklumm Bonpoc. 3 to no3BO/iMT noHATb npo6/ieMy 
6o/iee lumpoko, m OTHecTu Bonpoc b cooTBeTCTByiomyK) KaTeropMK), a 
TaK>xe pa3o6paTbca c hum. Tai<>Ke Bbi cMO>KeTe MAeHTuc^nunpoBaTb 
yfl3BMM0CTM, KOTOpbie B/lMflK)T Ha OAHH M/1M HeCKO/lbKO nyHKTOB 
TpnaAbi CIA. flaBaPiTe Mcno/ib3yeM Be6-npnno>KeHMe BMecTe c 
yfl3Bi/iM0CTbK) Tuna SQL HHteKUHH b KanecTBe npMMepa: 

• KoHcpM/ieHUManbHOCTb: y^3BHM0CTb Tuna «SQL HH _ beKumq» 
no3BO/iaeT aTaKyKDmePi CTopoHe M3B/ieHb Bee coAep>KHMoe Be6- 
npi/moweHi/m, hto AaeT 3/ioyMbiLu/ieHHMKy B03M0>KH0CTb no/iHoro 
AOCTyna k cHMTbiBaHMK) Bcex AaHHbix, ho He AaeT B03M0>KH0CTb 
M3MeHeHMfl HHcj^opMauMH m/im 6/iOKMpoBaHMfl AOCTyna K 6a3e 
AaHHbix. 

• U,enocTHOCTb: y^3BHMOCTb Tuna «SQL MHteKUMj^ no3BO/ifleT 
aTaicyiomePi CTopoHe n3MeHHTb cymecTByiomyK) HHct^opMauHK) b 
6a3e AaHHbix. ATaKyromafl cTopoHa He MO>KeT cHMTbiBaTb 
HHcjDopMaMMK) m/im 3anpemaTb AOCTyn ApyrMM no.nb30BaTe.rmM k 
6a3e AaHHbix. 

• p, 0 CTyr\H 0 CTb\ y^3BHMOCTb Tuna «SQL HH‘beKumq» HHMUHHpyeT 
A/iMTe/ibHbiPi 3anpoc, noTpe6/mK)LUMPi 6o/ibi±ioe KO/iMnecTBO 
pecypcoB Ha cepBepe. 3 tot 3anpoc, b tom c/iynae ec/iM oh 
HHHUMH pyeTCa HeCKO/lbKO pa3, npMBOAHT K CMTyaUHM OTKa3a B 
o6cny>KHBaHMn (DoS). ATaicyiOLuafl CTopoHa He MMeeT bo 3 mo>khoctm 
AOCT yna h/ih n3MeHeHHjq AaHHbix, ho MO>KeT orpaHHHHTb AOCTyn 
33K0HHbiM nonb30BaTe/uqM k Be6-npnno>KeHMK). 

• MHoroKpaTHOCTb : y^3BHM0CTb Tuna «SQL HH‘beKunjq» npHBOAHT k 
no/iHOMy HHTepaKTMBHOMy AOCTyny o 6 o/iohkm k onepauHOHHoPi 
cMCTeMe xocTa, 3anycKaK)mero Be6-npnno>KeHne. I/Im en TaKoPi 
AOCTyn, aTaKyiomaa CTopoHa cMO>KeT HapyuiHTb 
KOHCf)HASHMMa/lbHOCTb CMCTeMbi, KaK MM 3aXOHeTCfl, nO/iyHMB 
AOCTyn K AaHHbIM; CKOMnpOMeTMpOBaTb qe/lOCTHOCTb CMCTeMbi, 
M3MeHjm AaHHbie; ho ec/iM ohm Bee >Ke peuiaTCfl Ha TaKoe, BaM 
c/ieAyeT yAa/iMTb, KOTopoe MOweT npMBecTM k KOMnpoMeTauMM 
AOCTynHOCTM CMCTeMbi. 
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KoHuenui/m, BK/iiOHeHHbie b TpnaAy CIA, He flBrmiOTCfl oneHb 
c/io>KHbiMM, m, cKopee Bcero, Bbi nocTOJRHHO pa6oTaeTe c humm 
MHT yMTMBHO, Aa>Ke ec/iM Bbi caMM aToro He oco3HaeTe. OAHaKO, b3>kho 
BHHM aTe/ibHO B3anMOAeMCTBOBaTb c KOHuenuMePi, t.k. OHa noMoraeT 
BaM pacno3HaTb, KyAa 6yAeT jiyHLue Bcero HanpaBMTb cbom yc m/ima. 
Taicafl KOHqenTya^bHafi ocHOBa noMO>KeT BaM onpeAe/iMTb 
KpHTHHeCKMe KOMIlOHeHTbl CMCTeMbl M KO/lHHeCTBO yCM/lMM H 
pecypcoB, KOTopbie ctomt 3aTpaTMTb Ha McnpaB/ieHMe BbmB/ieHHbix 
npo6/ieM. 

flpyraa KOHuenpMfl, Ha KOTopyK) Mbi 6yAeM ccbmaTbCfl,- bto puck, m 
TO, K3KMM MMeHHO 06pa30M OH COCTOMT M3 yrp03 M yB3BMMOCTeH. 
3tm KOHuenuMM He oneHb c/io>KHbie, ho mx zierKO noHATb HeBepHbiM 
06pa30M. ri03>Ke Mbl AeTa/lbHO paCCMOTpMM 3TM KOHuenuMM. Ho Ha 
6onee BbicoKOM ypoBHe /lynLue AyMaTb o pncxax, KOTopbie Bbi 
nbuaeTecb npeAOTBpaTMTb, yrpo3ax - a mmchho, otom kto MO>KeT mx 
BaM cAe/iaeT, m yn3BHMOCTnx - a mmchho, hto MO>KeT Mcno/ib30BaTb 
MX. 


HanpMMep, nocemaa pa3/iMHHbie cTopoHbi cBeTa, Bbi MO>KeTe 
noAeeprHyTb ce6 n pucxy 3a6oneTb Ma/iapMePi. 3to noTOMy, hto 
yrpo3a yKyca KOMapoB (mockmtob) oneHb BbicoKa b HeKOTopbix 
pemoHax, a Bbi He npMBMTbi ot Ma/iapMM. K cnacTbio, Bbi MO>KeTe 
KOHTpO/IMpOBaTb ySJ3BHMOCTb npM nOMOLUH MeAHKaMeHTOB M 
nonbiTaTbca KOHTpo/iMpoBaTb yrpo3y, Mcno/ib3yfl cpeACTBO, 
OTnyrMBaiomee HaceKOMbix m/im MOCKMTHbie ceTKM. KoHTpo/iMpya 
OAHOBpeMeHHO m yrpo3y m ya3BMMOCTb, Bbi MO>KeTe rapaHTMpoBaTb, 
HTO Bbi 3aCTpaXOBaHbl OT 3T0r0 pMCKa. 


11.1 Kali Linux b oi^eHKe 

npM noAroTOBKe k pa6oTe Kali Linux Bbi AO/i>KHbi yAOCTOBepMTbCfl, hto 
y Bac HMCTaa, pa6onafl BepcMA. floBO/ibHO Hacro pacnpocrpaHeHHafl 
oniM6Ka, KOTopyio Ae/iaiOT npo^eccMOHa/ibi, bto Mcno/ib30BaHMe 
OAHOM BepCMfl AJlfl npOBeAGHM51 MHOrOHMC/ieHHblX OUeHOK. 3 to 

npo6/ieMa B03HMKaeT no AByM npMHMHaM : 

• B xoAe oqeHKM Bbi BpyHHyio ycraHaB/iMBaeTe, HacTpaMBaeTe m/im, 
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b /ik)6om cnynae, H3MeHAeTe cbokd cncreMy. 3 th eAHHopa30Bbie 
n3MeHeHM^ noMoryT BaM 6bicTpo npncTynnTb k pa6oTe h/ih pewHTb 
npo6neMy, ho hx, TeM He MeHee, AOBO/ibHO c/io>kho OTc/ie>KHBaTb; 
3 to oc/io>KHfleT noAAep>KKy BamePi cHcreMbi h 6yAyiAHx 
KOHcf)MrypaunM; 

• Ka>KAafl oueHKa 6e3onacHOCTn yHHKa/ibHa. Ec/ih Bbi He yHHTbiBaeTe 
npHMenaHHA, KOAbi h ApyrHe H3MeHeHHA, bto MO>KeT npnBecTH k 
nyTaHHue h/ih, eiue xywe, k no/iHOMy 3arpfl3HeHHio AaHHbix 
K/ineHTa. 

Bot noneMy HacTOATe/ibHO peKOMeHAyeTCA Hani/iHaTb c hhctoh Bepcm/i 
Kali, a Tai<>Ke hmchho noaTOMy cne14na.nl/131/1poBaHHafl Bepci/m Kali 
Linux, roTOBafl k aBTOMaTi/inecKOM ycTaHOBKe, AOBO/ibHO TaKH 6bicrpo 
OKynaeTCA. I1pn Heo6xoAHMOCTn o6paTHTecb k pa3Ae/iy 9.3 " 
Co3AaHne >KHBoro no/ib30BaTe/ibCKoro ISO o6pa3a Kali" [cTp. 236] h 
pa3Ae/iy 4.3, "ABTOMaTi/NecKi/ie ycTaHOBKH" [cTp. 91], HTo6bi 
BcnoMHHTb, KaK 3 to Ae-naTb, t.k. neM 6o/ibi±ie Bbi cMO>KeTe 
aBTOMaTH3npoBaTb ceroAHfl, TeM MeHbiue BpeMeHH Bbi noTpaTHTe 
3aBTpa. 

y Ka>KAOrO CBOH Tpe60BaHMfl OTHOCHTe/lbHO Toro, KaK HMeHHO HM 
HpaBHTCfl HacTpoHTb Kali Linux f\r\9\ pa6oTbi, ho, TeM He MeHee, ecTb 
yHHBepca/ibHbie peKOMeHAauHH, KOTopbiM Mbi 6bi, AeHCTBHTe/ibHO, 
nopeKOMeHAOBann BaM cneAOBaTb. Bo-nepBbix, noMHi/iTe 0 
3aiiiMct)poBaHHOH ycTaHOBKe, 0 kotopoh roBopn/iocb b pa3Ae/ie 4.2.2 
"YcTaHOBKa Ha no/iHOCTbio 3aLUMcf)poBaHHyK) cjDaH/iOByK) cncTeMy» 
[cTp. 85]. 3to 3amnTHT Baiiii/i AaHHbie Ha pea/ibHOH Mami/iHe, KOTopafl 
6yAeT a B/iflTbCfl unn Bac cnaceHneM b tom c/iynae, ec/in Bam HoyT6yK 
6yAeT yKpaAeH. 

fljifl Aono/iHHTe/ibHOH 6e3onacHOCTn bo BpeMfl nyTemecTBHA, 
B03M0>KH0, Bbi 3aXOTHTe yHHHTO>KHTb K/1KDH Aei±IHC|}pOBaHHfl (CM. 
"flo6aB/ieHne napo/ifl caMoyHHHTO>KeHHfl A-rm no/iyneHHfl 
Aono/iHHTe/ibHOH 6e3onacHOCTn" [cTp. 245]) noc/ie toto, KaK 
OTnpaBHTe cBoeMy coTpyAHHKy b Oconee (3ai±iHc|}poBaHHyK)) Konmo 
K/iKDna. TaKHM o6pa30M, BamH AaHHbie 6yAyT HaxoAHTbCA b 
6e3onacHOCTn, noKa Bbi He BepHeTecb b ocJdhc, rAe Bbi MO>KeTe 
BOCCTaHOBHTb CBOH HOyT6yK npH nOMOLUH K/IKDHa AemHCt^pOBaHHfl. 

flpyron nyHKT, Ha KOTopbin BaM c/ieAyeT Aea>KAbi o6paTHTb BHHMaHne, 
3 to cnncoK naKeTOB, KOTopbie Bbi ycraHOBH/in. flpoAyMaHTe, KaKne 
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MHCTpyMeHTbi BaM MoryT noHaAo6MTbca fl/isq 3aBepi±ieHi/m pa6oTbi. 
HanpMMep, ec/iM Bbi HanmnaeTe oueHKy 6ecnpoBOAHOM 6e3onacHOCTM, 
Bbi MO>KeTe yHMTbiBaTb ycTaHOBKy MeTanaKeTa kali-linux-wireless , 
KOTOpbIM C0flep>KMT BCe MHCTpyMeHTbi 6ecnpOBOAHOM OUeHKM, 
AOCTynHOM b Kali Linux; mjim b c/iynae Heo6xoAHMOCTM oqeHKM Be6- 
npMno>KeHMfi, Bbi MO>KeTe ycraHOBMTb Bee AOCTynHbie MHCTpyMeHTbi 
TecTMpoBaHMa Be6-npM/io>KeHMfl b MeTanaKeTe kali-linux-web. 
/lynwe npeAnono>KMTb, hto y Bac He 6yAeT Jiericoro AOCTyna k 
MHTepHeTy npM npoBeAeHMM oueHKM 6e3onacHOCTM, noaTOMy 
noAroTOBbTe Bee 3apaHee. 

no 3T0M >Ke npMHMHe BaM, B03M0>KH0, 3aXOHeTCfl npOCMOTpeTb 
HacTpoMKM ceTM (cm. pa3Aen 5.1, "HacrpoMKa ceTM " [cTp. 104] m 
pa3Aen 7.3, "3amnTa ceTeBbix c/iy>K6" [cTp. 153]). llpoBepbTe 
ABa>KAbi HacTpoMKM Bamero DHCP m \c/iy>K6bi, KOTopbie nepeHMc/ieHbi 
b BameM IP aApece. 3tm HacTpoMKM MoryT cM/ibHO noB/iMATb Ha Bam 
ycnex. Bbi He MO>KeTe oueHMBaTb to, hto He bmamtc, a npe3MepHbie 
c/iy>K6bi npoc/iymMBaHMa ocna6?iT Bamy cMCTeMy m 3aKpoiOT ee 
npe>KAe, neM Bbi HaHHeTe pa6oTaTb. 

Ec/im Bama po/ib 3aK.moHaeTCfl b Mcc/ieAOBaHMM npoHMKHOBeHMA b 
ceTb, to Ba>KHee 6yAeT o6paTMTb BHMMaHMe Ha HacTpoMKM ceTM, a 
Tai<>Ke Hy>KHO M36eraTb M3MeHeHMfl cMcreMbi, KOTopaa noABepraeTca 
B03AeMCTBMio. CneuMa/iM3MpoBaHHafl BepcMfl Kali c MeTanaKeTOM 
kali-linux-forensic, 3arpy>KeHHafl M3Hana/ibHO b 

KpMMMHa/lMCTMHeCKOM pe>KMMe, He 6yAeT aBTOMaTMHeCKM 
ycTaHaBnMBaTbca Ha auck m/im Mcno/ib30BaTb pa3Aen aucio. TaKMM 
o6pa30M, Bbi MO>KeTe noAAsp>KMBaTb aHa/iM3 qe/iocTHOCTM cMCTeMbi bo 
BpeMfl MCn0/lb30BaHM5q MHOTMX KpMMMHa/lMCTMHeCKMX MHCTpyMeHTOB, 
AOCTynHbix Ha Kali Linux. 

OneHb b3>kho, HTo6bi Bbi TmaTe/ibHO noAroTOBM/iM BepcMio Kali Linux 
k pa6oTe. Bbi o6Hapy>KMTe, hto HMCTaa, acfjcjDeKTMBHafl cpeAa Kali 
BcerAa 6yAeT Ae/iaTb Bee, HTo6bi b Aa/ibHeMLueM y Bac He B03HMKa/io 
npo6neM, m pa6oTa npoxoAn/ia MaKCMMa/ibHO acj^eKTMBHO. 


11.2 Tunbi ou,eHKM 


360 


Tenepb, KorAa Bbi yBepeHbi, hto Bama cpeAa Kali roTOBa, c/ieAyK)LUHM 
maroM 6yAeT onpeAeneHi/ie toto, icaicoPi i/iMem-io copT oueHKi/i Bbi 
co6npaeTecb npoBOAHTb. Ha caMOM BbicoKOM ypoBHe Mbi MO>KeM 
onncaTb neTbipe Tuna oueHOK: opeHKa yb3bhmocth , nposepna 
HafleMHOCTH , rpaflMjMOHHoe recTupoBaHne Ha 

npoHHKHOBeHne, a Tai<>Ke OLieHKa npnno>KeHHfi. B3anMOAeMCTBi/ie 
MO>KeT BK/iKDHaTb b ce6a pa3/ii/NHbie 3/ieMeHTbi Ka>KAoro Tuna oqeHKi/i, 
ho, 6e3yc/iOBHO, mx /lynLue noAPo6HO oni/icaTb m oStacHHTb mx 
aKTya/ibHOCTb A-rm BauiePi c6opkm m cpeAbi Kali Linux. 

npe>KAe neM ymy6/iflTbCfl b paccMOTpeHi/ie pa3/ii/iHHbix THnoB oueHOK, 
oneHb b3>kho cHana/ia o6paTMTb Baiue BHMMaHi/ie Ha pa3/iMHne Me>KAy 
yfl3BMM0CTbK) H 3KCn/10MT0M. 

Yft3BHMOCTbtO Mbl Ha3blBaeM HeAOCTaTOK /1M60 \A3~b9\H, KOTOpbIM npM 
ero MCn0/lb30BaHMM MO>KeT B3/10MaTb H/1H CKOMnpOMeTHpOBaTb 
KOHCf)HASHMHa/lbHOCTb, Ue/lOCTHOCTb, a T3K>Ke AOCTynHOCTb 
MHCjDOpMaUMOHHOM CMCTeMbl. CymeCTByeT MHO>KeCTBO pa3/lMHHblX 
THnoB ya3BMMOCTePi, KOTopbie BaM MoryT BCTpenaTbca, Bic/nonaa: 

• B/io>KeHne cjoan/ia (File Inclusion): Ya3BHM0CTb c B/io>KeHMeM 

c^an/ia^B Be6 npi/mo>KeHi/ie no3BO.rmeT BaM BK/itonarb coAep>Ki/iMoe 
ziOKa/ibHoro M/ii/i yAa/ieHHoro cj^aPma b BbNnc/inTe/ibHbie npoqeccbi 
nporpaMMbi. Hanpi/iMep, Be6-npn/io>KeHMe MO>KeT i/iMeTb cjDyHKumo 
«Coo6meHne ah n», KOTopaa cni/iTbiBaeT coAep>KMMoe c^aPina m 
BK/ iKDHaeT ero Ha Be6-CTpaHi/iue A-rm OTo6pa>xeHi/m ero 

nonb30BaTe/iK). Ec/ii/i btot Tun cfjyHKUMM 3anporpaMMnpoBaH 
HenpaBMflbHO, OH MO>KeT n03B0/lMTb 3/lOyMblLLI/ieHHMKy M3MeHMTb 
Be6-3anpoc A-rm Toro, HTo6bi 3acTaBMTb caHT BK/nonaTb b ce6a 
coAep>KMMoe Bbi6paHHoro cj^aPma. 

• SQL HHteKUi/m (SQL Injection): ATaica c npHMeHeHi/ieM SQL 
MH~beKUMn 45 46 KBnneTcn TeM THnoM aTaKi/i, b kotopom npoqeAypbi 
npoBepKM BBOAa A-n^ nporpaMMbi o6oPiAeHbi, hto b cbokd onepeAb 
no3BO^aeT aTaicyiomeMy 3aAaBaTb SQL KOMaHAbi A-rm ue/ieBoPi 
nporpaMMbi, KOTopyio OHa 6yAeT Bbino/iHATb. 3to AB-rmeTca ToPi 
C|30pM0Pi MCnO/lHeHl/m KOMaHAbi, KOTOpaa MO>KeT npMBecTM K 
noTeHUMa/ibHbiM npo6/ieMaM 6e3onacHOCTM. 

• flepeno/iHeHi/ie 6y<t>epa (Buffer Overflow): flepeno/iHeHi/ie 


45 https://en.wikipedia.org/wiki/File inclusion vulnerability 

46 https://en.wikipedia.org/wiki/SQL injection 


361 








6vcbepa 47 - bto Tun yfl3Bi/iM0cm, KOTopbiM o6xoaht npoqeAypbi 
npoBepKM BBOAa Arm 3anncn AaHHbix b coceAmoio naMATb 6y<t>epa. 
B HeKOTopbix cnynaflx bto cMe>KHoe pacnono>KeHi/ie naMATi/i MO>KeT 
i/iMeTb peniaKDLuee 3HaneHi/ie Arm pa6oTbi qeneBoPi nporpaMMbi, m 
ynpaB/ieHi/ie BbinormeHi/ieM koas MO>KeT 6biTb no/iyneHO 
nocpeACTBOM TmaTe/ibHoPi MaHi/my/ifl 141/m c nepe3ani/icaHHbiMi/i 
AaHHbiMM naMATi/i. 

• CocTOJRHMe roHKM (Race Conditions): CocToam/ieM roHKi/i— - Tun 
yfl3BMMOCTM, KOTOpbIM MCnO/lb3yeT XpOHOMeTpa>K 3aBMCMMOCTePi B 
nporpaMMe. B HeKOTopbix c/iynaax pa6oHi/m npoqecc nporpaMMbi 
33BHCMT OT KOHKpeTHOM nOC/ieAOBaTe/lbHOCTM C06blT MM. Ec/IM Bbl 
MO>KeTe M3MeHMTb 3Ty noc/ieAOBaTe/ibHOCTb co6biTi/m, sto MO>KeT 
npMBeCTM K yfl3BMM0CTM. 

C ApyroPi >Ke cTopoHbi skctuioPitom Mbi Ha3biBaeM nporpaMMHoe 
o6ecneHeHne, KOTopoe b cnynae npi/iMeHeHMA, ncno/ib3yeT 
KomcpeTHyK) 3aBMCMMOCTb, xota He Bee yfl3BMMOCTn noABep>KeHbi 
AePicTBHK) BKcnnoPiTa. B cba3m ctcm, hto 3Kcn/ioi/iT Aon>KeH M3MeHi/iTb 
3anymeHHbiPi npoqecc, 3acTaBJi?m ero coBepuii/iTb 
He3annaHMpoBaHHbie AePicTBi/ie, co3AaHne BKcnnoMTa MO>KeT 6biTb 
AOBO/lbHO T3KM C/10>KHblM. KpOMe TOrO, B COBpeMeHHbIX 
BbNMc/iMTe/ibHbix n/iaTc|3opMax cymecTByeT p aa aHTi/i-SKcn/ioPiTHbix 
TexHO/iornPi, KOTopbie 6bmi/i pa3pa6oTaHbi Arm toto, HTo6bi 
33TpyAHHTb l/ICn0/lb30BaHl/ie y?13BMMOCTeM, T3KMX KaK 
npeAOTBpameHMe BbinormeHi/m AaHHbix (IIBfl) i/i/ii/i Data Execution 
Prevention 49 (PEP 1 ) i/i pa HAOMi/i3a 141/m pa3MemeHi/m aApecHoro 
npocTpaHCTBa ( Address Space Layout Randomization 50 (ASLR)). 
OAHaKO M3-3a toto, hto Arm KOHKpeTHOM yfl3Bi/iMOCTi/i He cymecTByeT 
o6men3BecTHoro BKcnnoPiTa, bto He 03HanaeT, hto ero He cymecTByeT 
(i/mn ero He/ib3?i co3AaTb). Hanpi/iMep, mhokcctbo opraHi/i3ai4i/m 
3aHMMaK)TCfi npoAa>KeM BKcnnoPiTOB, KOTopbie Hi/iKorAa He 
ny6nnKyK)TCJR, nosTOMy Bee ya3BHMOCTn Aon>KHbi paccMaTpi/iBaTbca 
KaK noTeHui/ia/ibHO AOCTynHbie. 


11.2.1 Ou,eHKa yfl3BMMOCTM 


47 https://en.wikipedia.org/wiki/Buffer overflow 

48 https://en.wikipedia.org/wiki/Race condition 

49 https://en.wikipedia.org/wiki/Executable space protection#Windows 

50 https://en.wikipedia.org/wiki/Address space layout randomization 
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y*3BMM0CTbK) flBJlfleTCfl HeflOCTaTOK MJ1M M3"bflH, KOTOpbIM B TOM M/1M 
mhom creneHM MO>KeT 6biTb Mcnonb30BaH unn toto, HTo6bi 
CKOMnpOMeTMpOBaTb KOHCt3MfleHI4ManbHOCTb, Ue/lOCTHOCTb M/1M 
flOCTynHOCTb MHCjDOpMaUMOHHOM CMCTeMbl. B npouecce OUeHKM 
yfl3BMM0CTM BaLLieM OCHOBHOM Ue/lbK) AB/lfleTCfl C03flaHMe npocToro 
cnMCKa o6Hapy>KeHHbix yfl3BMMOCTeM b peneBofi cpe/^e. flai-maa 
KOHuenuM^ ueneBOM cpeflbi nBnnejcn Hpe3BbinaMHO b3>khom. Bbi 
flon>KHbi 6biTb yBepeHbi, hto ocTaeTecb b npeflenax ue/ieBoPi ceTM 
CBoero K/iMeHTa m Tpe6yeMbix ue/iePi. Ec/im Bbi BbinaflaeTe 3a npeAe/ibi 
OUeHKM, TO 3T0 MO>KeT K npepbIBaHMK) 06 c/iy>KMBaHMfl, HapyilieHMK) 
AOBepMJR C BaLUMM K/lMeHTOM M/1M CyAe6HblM MCK3M npOTMB BaC M 

Bamero pa6oTOAaTe/ifl. 

BBMAy CBOePi OTHOCMTe/lbHOM npOCTOTbl, TeCT Ha yfl 3 BMMOCTb HaCTO 
3 aBepiuaeTCfl b 6o/iee coBepmeHHbix cpeAax Ha pery/uipHOM ocHOBe 
KaK HaCTb AeMOHCTpaUMM MX AO/l>KHOM OCMOTpMTe/lbHOCTM. B 
60/lbLUMHCTBe C/iynaeB, aBTOMaTM 3 MpOBaHHblM MHCTpyMeHT, TaKOM KaK 
Te, hto coAep>KaTbca b KaTeropM^x aHa/iM 3 a y^ 3 BMMOCTM 
(Vulnerability Analysis 51 ) m Be6 npM/io>KeHMfl (Web Applications 52 ) 
caPiTa 1 /lHCTpyMeHTbi Karm (Kali Tools) m npM.no>KeHMfl MeHK) pa6onero 
CTO/ia Ka/iM, Mcno/ib 3 yeTCfl A-na toto, HTo6bi o6Hapy>KMTb >KMBbie 
CMCTeMbl b ueneBOM cpeAe, onpeAe/iMTb c/iy>K6bi npoc/iyuiMBaHM^ m 
nepeHMcnMTb mx c ue/ibio o6Hapy>KeHMfl MaKCMMa/ibHoro KO/iMnecTBa 
MHcj^opMauMM, TaKoPi KaK nporpaMMHoe o6ecneneHMe cepBepa, ero 
BepcMfl, nnaTcjDopMa m t.a- 

3aTeM 3Ta MHc^opMauMA npoBepaeTCA Ha Ha/iMHMe M3BecTHbix 
CMTHaTyp noTeHUMa/ibHbix npo6neM m/im y^3BMMOCTeM. 3 tm cMTHaTypbi 
COCTOflT M3 KOM6MHai4MM TOHeK HaHa/ia OTCHeTa, KOTOpbie 
npeAHa3HaneHbi A-rm npeACTaB/ieHMA M3BecTHbix npo6/ieM. 
l/lcno/ib3yeTca AOBO/ibHO 6o/ibiuoe KO/iMnecTBO ToneK Hana/ia OTcneTa, 
t.k. neM 6onee ToneK Bbi Mcno/ib3yeTe, TeM 6o/iee tohhom 6yAeT 
MA6HTM(f)MKai4Mfl. CymeCTByeT AOBO/lbHO 60 /lbl±IOe KO/lMHeCTBO 
noTeHUMa/ibHbix ToneK Hana/ia OTcneTa, KOTOpbie BK/iionaiOT b ce6a, 
HO He OrpaHMHMBaKDTCfl mmm: 

• BepcMjq onepauMOHHOM CMCTeMbl: floBO/ibHO pacnpocTpaHeHHbiM 

AB/ieHMeM A-n^ nporpaMMHoro o6ecneneHMfl AB/iaeTCfl to, hto oho 

MO>KeT 6blTb yfl3BMMblM Ha OAHOM BepCMM OnepaUMOHHOM CMCTeMbl, 

51 http://tools.kali.org/category/vulnerability-analysis 

52 http://tools. kali.org/category/web-applications 
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a Ha flpyroPi - HeT. l/l3-3a 3Toro cKaHep nonbiTaeTcs KaK mo>kho 
TOHH ee onpeAe/iMTb, KaKa n BepcHA onepaui/iOHHoPi ci/icreMbi 
pa3MemaeT ue/ieBoe npi/mo>KeHne. 

• YpoBeHb naTna: floBO/ibHO Macro naTMH A-rm onepaui/iOHHoPi 
CMCTeMbl He yBe/lHMMBaKDT MHCf)OpMaUHK) 0 BepCMM, HO Bee paBHO 
MeHj^KDT cnoco6 pearnpoBaHna Ha yfl3BHM0CTb n/ 11/1 Aawe 
nO/lHOCTbK) yCTpaHJIKDT 3Ty y?13BHM0CTb. 

• ApxHTeKTypa npoueccopa: MHorne nporpaMMHbie npi/mo>KeHi/m 
AOcrynHbi A-n^ HecKonbKHx npoueccopHbix apxHTeKTyp, t3khx KaK 
Intel x86, Intel x64, HecKO/ibKO Bepcm/i ARM, UltraSPARC m t. a- 

• B HeKOTopbix c/iyMa^x y^3BMMOCTb 6yAeT cymecTBOBaTb TO/ibKO b 
onpeAeneHHOH apxHTeKType, no3TOMy 3HaHne 3Toro 6nTa 
MHcjDopMauMH MO>KeT MMeTb pewaiOLuee 3HaMeHne Ann tomhom 
cumaTypbi. 

• Bepci/m nporpaMMHoro o6ecneHeHna: Bepcua Me/ieBoro 

nporpaMMHoro o6ecneMeHi/m npaKTHMecKH BcerAa AB/iaeTCfl oahmm 
H3 CaMbIX OCHOBHbIX MOMeHTOB, KOTOpbie Heo6xOAHMO 3HaTb, AH9\ 
Toro, MTo6bi pacno3HaTb yfl3BHM0CTb. 

• 3th h MHorne ApyrHe HcxoAHbie tomkh AaHHbix 6yAyT 

ncno/ib30BaHbi Ann Toro, MTo6bi co3AaTb cnrH3Typy, KaK nacTb 
npouecca cKaHi/ipoBaHi/m y^3BHM0CTePi. Bno/iHe /iothmho, mto neM 
6o/ibnie HcxoAHbix ToneK AaHHbix coBnaAaeT, TeM 6onee tomhom 
6yAeT cMTHaTypa. ripn pa6oTe c cnrHaTypHbiMn coBnaASHHAMi/i Bbi 
MO>KeTe HMeTb HeCKO/lbKO pa3/lHMHblX nOTeHUHa/lbHblX 
pe3ynbTaTOB: 

• no/io>KHTe/ibHbiM pe3ynbTaT: CumaTypa coBnaAaeT h 3axBaTbiBaeT 

pea/ibHyio yfl3BHM0CTb. BaM Heo6xoAHMO c/ieAOBaTb bthm 
pe3y/ibTaTaM h Bbino/iHMTb Heo6xoAHMbie ncnpaB/ieHi/m b 

COOTBeTCTBHH C HHMH, T.K. J1K)60H 3/lOyMblLU/ieHHHK MO>KeT 

ncnonb30BaTb 3th HeAOcraTKH h H3' bnub\ A-na toto, MTo6bi HaHecTH 
BpeA BamePi opraHM3aunn (mjim opraHH3aunn Bamero K/ineHTa). 

• Jlo>KHono/io>KHTenbHbiM pe3ynbTaT: Ci/irHaTypa coBnaAaeT; OAHaKO 

o6Hapy>KeHHafl npo6/ieMa He AB/ifleTCA pea/ibHoPi yfl3BMMOCTbK). Bo 
BpeMjq OUeHKH, OHH MOryT C03AaBaTb AOBO/lbHO MHOTO IliyMa, MTO 
caMO no ce6e cn/ibHO pa3Apa>KaeT. Bbi HHKorAa He AO/i>KHbi 
OT6pacbiBaTb no/io>KHTenbHbiM pe3y/ibTaT KaK 

/io>KHono.no>KHTe.nbHbiM 6e3 6o/iee AeTa/ibHoPi npoBepKH. 

• OTpnuaTe/ibHbiPi pe3ynbTaT: CurHaTypa He coBnaAaeT h 

COOTBeTCTBeHHO yfl3BHMOCTePi HeT. 3T0T CUeHapHM flBJlfleTCfl 
HAea/ibHbiM A-n^ Toro, MTo6bi npoBepi/iTb, mto yji3BHM0CTn He 
cymecTByeT Ha ue/in. 


364 



• nowHOOTpuuaTe/ibiHbiM pe3y/ibTaT: CnmaTypa He coBnaflaeT, ho, 
TeM He MeHee, cymecTByeT y^3BMMOCTb. He cMOTpa Ha to, hto 
/io>KHono/io>KHTenbHbiM pe3y/ibTaT nBnnejcn AOBO/ibHO n/ioxMM, 
/io>KHOOTpnuaTe/ibHbiM pe3y/ibTaT HaMHoro xywe. B ashhom c/iynae 
npo6/ieMa cymecTByeT, ho cKaHep He MO>KeT onpeAe/iMTb ee, 
noaTOMy y Bac He cymecTByeT hmiokmx yi<a3aHMM npo ee 
cymecTBOBaHkie. 

KaK Bbi MO>KeTe ce6e npeACTaBHTb, TOHHOCTb cnrH3Typ Hpe3BbiHai/iHO 
Ba>KHa A-n^ nonyHeHMA MaKCMMa/ibHO TOHHbix pe3y/ibTaTOB. HeM 
6o/ibi±ie AaHHbix npeAOCTaB/ieHO, TeM 6o/ibiue BepoaTHOCTb Toro, hto 
B bi no/iyni/iTe TOHHbie pe3y/ibTaTbi ot aBTOMaTH3MpoBaHHoro 
CKaHHpoBaHHj^ Ha ocHOBe cMTHaTyp, noaTOMy nacTO ncno/ib3yK)TC}q 
ayTeHTncf)nunpoBaHHbie CKaHMpoBaHMe. 

ripn ayTeHTMCj^MUMpOBaHHOM CKaHMpOBaHHH, CKaHMpyKDLUee 
nporpaMMHoe o6ecneneHMe ncno/ib3yeT npeAOCTaB/ieHHbie yneTHbie 
AaHHbie A-nfl ayTeHTnc(3HKaunn perm. 3to npeAOcraB/ifleT 6o/iee 
rny6oKMH ypoBeHb bhahmocth b perm, neM iokmm jim6o ApyrHM 
cnoco6oM. HanpMMep, np m o6bNHOM CKaHMpOBaHHH Bbi MO>KeTe 
06Hapy>KHBaTb MHC|30pMapMK) O CMCTeMe, KOTOpafl MO>KeT 6blTb 
no/iyneHa H3 c/iy>K6 npocnyLUMBaHMfl h npeAOCTaB/ifleMbix mmh 
Ct^yHKUMM. 1/lHOTAa 3T0 MO>KeT 6blTb COBCeM HeMHOrO MHCjDOpMaUMM, HO 
b AaHHOM c/iynae o6biHHoe cKaHMpoBaHMe hmkbk He MO>KeT 
KOHKypMpoBaTb b ypoBHe m r/iy6MHe AaHHbix, KOTopbie 6yAyT 
nonyneHbi, ec/iM Bbi Bbino/iHMTe ayTeHTMc^MKapMK) b CMCTeMe m 
BcecTopoHHe npocMOTpMTe Bee ycTaHOB/ieHHoe nporpaMMHoe 
o6ecneneHMe, npMMeHeHHbie naTHM, 3anymeHHbie npopeccbi m t. a- 
noAo6Haji o6niMpHOCTb nonyneHHbix AaHHbix flBrmeTCfl AOBO/ibHO 
no/ie3HOM A-n^ o6Hapy>KeHMfl yfl3BMM0creM, KOTopbie, b npoTMBHOM 
c/iynae, MoryT ocTaTbca Heo6Hapy>KeHHbiMM. 

Xopomo npoBeAeHHasi opeHKa yfl3BMM0CTM npeACTaB/ifleT co6om 
peanbHoe OTo6pa>KeHMe noTeHUMa/ibHbix npo6/ieM b opraHM3auMM m 
npeAOCTaB/iaeT noKa3aTe/iM A-rm M3MepeHMfl M3MeHeHMM c TeneHMeM 
BpeMeHM. 3to AOBO/ibHO nericafl opeHKa, ho, TeM He MeHee, 
MHO>KecTBO opraHM3apMM 6yAyT peryrmpHO npoBOAHTb 
aBTOMaTM3MpoBaHHoe CKaHMpoBaHMe yji3BMMOCTeM b Hepa6onee 
BpeMfl bo M36e>KaHMe noTeHUMa/ibHbix npo6/ieM Ha npoTaweHMM aha, 
KorAa AOCTynHOCTb cny>K6 m nponycKHaa cnoco6HOCTb flBrmKrrcfl 
HaM6o/iee Ba>KHbiMM. 
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KaK 6bmo ynoMfiHyTO paHee, npM cicai-mpoBaHm/i y?i3BMMOCTeM 
Heo6xOflMMO npOBepHTb MHO>KeCTBO pa3/lMHHblX MCXOflHbIX TOHeK 
flaHHbix A-n^ Toro, HTo6bi nonyHMTb TOHHbie pe3y/ibTaTbi. Bee btm 
pa3/iMHHbie npoBepKM MoryT co3AaBaTb Harpy3Ky Ha qe/ieByK) 
CMCTeMy, a Taioxe coKpamaTb nponycKHyK) cnoco6HOCTb. K 
cowa/ieHi/iK), oneHb c/io>kho tohho onpeAe/iMTb HacKO/ibKO MHoro 
pecypcoB qe/iM 6yAeT noTpe6rmTbCfl, t.k. bto 3aBncnT ot KO/iMnecTBa 
OTKpbiTbix cny>K6 m Tuna npoBepoK, KOTopbie 6yAyT CBA3aHbi c btmmm 
c/iy>K6aMM. TaKOBOH flBrmeTCfl qe/ib npoBeAeHMfl cKaHMpoBaHMa; b 
/ik)6om c/iynae oho 6yAeT noTpe6.rmTb cMCTeMHbie pecypcbi. 1/lMeTb 
o6mee npeACTaB/ieHMe o pecypcax, KOTopbie 6yAyT noTpe6/iflTbCfl, m 
H acKO/ibKO 6yAeT 3arpy>KeHa ueneBaa cMCTeMa, nBnnejcn oneHb 
Ba>KHbiM npM 3anycKe btmx MHCTpyMeHTOB. 


llOTOKM CKanupOBaHHfl 

EO/lbLUMHCTBO CK3HepOB y?13BMMOCTeM BK/IKDHaKDT B Ce6fl OllUMK) 
yCTaHOBKM nOTOKOB Ha CKdHMpOBdHMe, HTO COOTBeTCTByeT KO/lMHeCTBy 
OAHOBpeMeHHbIX npOBepOK, KOTopbie npOMCXOA^T B AaHHbIM MOMeHT. 
YBe/iMHeHMe btoto HMC/ia 6yAeT MMeTb np^Moe B/iM^HMe Ha Harpy3Ky 
Ha nnaTcj^opMy oueHKM, a TaK>xe Ha ceTH h ue/iM, c KOTopbiMM Bbi 
B3anMOAePicTByeTe. 3to oneHb b3>kho MMeTb BBMAy, KorAa Bbi 
Mcnonb3yeTe btm cKaHepbi. BcerAa ecTb 6o/ibi±iOM co6/ia3H yBe/iMHMTb 
KO/lMHeCTBO nOTOKOB, HT 06 bl yCKOpMTb CK3HMpOBaHMe, HO nOMHMTe 0 
3HaHMTe/ibHOM yBe/iMHeHMM Harpy3KM, KOTopaa cB?i3aHa c btmm. 


KorAa cKaHMpoBaHMe ya3BMMOCTeM 3aBepi±ieHO, o6Hapy>KeHHbie 
npo6neMbi, KaK npaBM/io, npMBA3biBaK)TCfl k OTpac/ieBbiM 
CTaHAapTHbiM MASHTMcf)MKaTopaM, TaKMM KaK HOMepa CVE 53 , EDB-ID 54 
55 , MHCfjOpMaUMOHHblM coo6meHMflM 0 nOCTaBLUMKe. 3Ta MHC)30pMai4Mfl, 
BMecTe c oqeHKOM CVSS yfl3BMMOCTM n , b AaribHeMiueM Mcno/ib3yeTCfl 
Arm onpeAe/ieHM^ ypoBHA pMCKa. Hap^Ay c no>KHono/io>KMTe/ibHbiMM 
/10>KH00TpMMaTe/lbHblMM C 006 l±ieHMflMM 06 y5R3BMMOCTM, 3TM yC/lOBHbie 
ypoBHM pMCKa flBrmKrrcfl o6luhmm npo6/ieMaMM, KOTopbie Heo6xoAHMO 
yHMTbiBaTb npM aHa/iM3e pe3y/ibTaTOB CKaHMpoBaHMe. 


53 https://cve. mitre.org 
54 https://www.exploit-db.com/about/ 
55 https://www.fi rst.org/cvss 
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nOCKOJlbKy aBTOMaTM3MpOBaHHbie MHCTpyMeHTbl HCnO/lb3yK)T 6a3bl 
flaHHbix curHaTyp f\y\9\ onpeAe/ieHMA yfl3BMM0CTePi, /iK)6oe 
He3HaHMTe/ibHoe OTK/iOHem/ie ot n3BecTHoPi cnrHaTypbi MO>KeT 
M3MeHMTb pe3y/ibTaT, a Tai<>Ke AOCTOBepHOCTb BoenpMHMMaeMOM 
yji3BHM0CTM. /lo>KHonono>KHTenbHbiM pe3y/ibTaT HeBepHO OTMenaeT 
yji3BMM0CTb, KOTopafl He cymecTByeT, b to BpeMA KaK 
/io>KHOOTpnuaTenbHbiM pe3ynbTaT AOBO/ibHO ycneniHO c/ieAHT 3 a 
npo 6 /ieMoPi, ho He coo 6 maeT 06 3tom. BBHAy btoto, cicaHep name 
Bcero AB/iaeTCfl HacmnbKO xoponiMM, HacKO/ibKO xopoma ero 6a3a 
npaBH/1 CMTHaTyp. no 3T0M npMHMHe, MHO>KeCTBO nOCTaBLUHKOB 
npeA-naraK)T HecKO/ibKO Ha6opoB curHaTyp: oahh, KOTopbiPi AB/iaeTCfl 
6 ecnnaTHbiM Ann AOManmero Mcno/ib30BaHMfl, h ApyroPi Ha6op, 
AOBO/ibHO AoporoPi, ho, TeM He MeHee, BcecropoHHMPi, h o6bNHO ero 
npno6peTaK)T KopnopauMM h KOMnaHMM. 

/IpyroPi npo6neMOH, c kotopom Macro BCTpenaK)TCfl bo BpeMA 
CKaHMpOBaHHJI yfl3BMMOCTePi, flBJlfleTCfl AOCTOBepHOCTb 

npeAno/iaraeMbix ypoBHePi pi/icKa. 3th ypoBHH pHCKa onpeAermK)TCfl 
Ha o6mePi ocHOBe, yHMTbiBafl MHO>KecTBO pa3/iMHHbix c|)aKTopoB, tokmx 
KaK ypoBeHb npnBnriernPi, Tun nporpaMMHoro o6ecneneHMfl m ao h/ih 
noc/ie ayTeHTHcj^HKauHM. B 3aBncnMOCTn ot BauiePi cpeAbi, bth ypoBHM 
MoryT 6biTb m/im He 6biTb npneM/ieMbi Ann Bac, TaK hto ohh He AO/i>KHbi 
npHHHMaTbCJi BaMH Bc/ienyK). To/ibKO Te cneuna/incTbi, KOTopbie 
xopomo ocBeAOMneHbi b pa3/iMHHbix cHCTeMax m y^3BHMOCT^x MoryT 
Aon>KHbiM o6pa30M npoBep^Tb ypoBHH pmckob. 

HecMOTpa Ha to, hto He cymecTByeT o 6 menpnH^Toro connaweHHfl 06 
ypoBHjqx phckob, peKOMeHAyeTCfl ncno/ib30BaTb cneunaribHyK) 
ny 6 nnKaunK) NIST 800-30 (NIST Special publication 800-30 56 ) b 
KanecTBe ocHOBbi A-rm oueHKH ypoBHePi pmckob m mx tohhoctm b 
BaweM cpeAe. NIST SP 800-30 onpeAermeT pea/ibHbiPi pmck 
06 Hapy>KeHHOM yfl3BMMOCTM, KaK KOM6MHai4MHD BepOfITHOCTM 
B03HMKH0BeHMX M nOTeHU^dflbHOrO B03/jeMCTBMfl . 

BepOflTHOCTb B03HMKHQBeHM51 yrp03bl _ 

CornacHO HauMOHa/ibHOMy MHCTMTyTy craHAapTOB m TexHO/iomPi 
(National Institute of Standards and Technology (NIST)), 

B03MO>KHOCTb B03HMKHOBeHMfl yrp03bl 6a3MpyeTCfl Ha BepOflTHOCTM 
Toro, HacKonbKO KOHKpeTHaa yrpo3a cnoco6Ha Mcno/ib30BaTb 


56 http://csrc. nist.gov/pu blications/PubsSPs.html#800-30 
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KOHKpeTHyK) yfl3BHM0CTb C BepOflTHbIMH peHTHHTaMH 
cpeflHi/m h/ih BbICOKHH. 


HH3KHH, 


• BbicoicuPi: noTeHUHanbHbiPi 3/ioyMbiLu/ieHHHK nsnnejcn 

BblCOKOKBanMCjDHUHpOBaHHblM H MOTHBHpOBaHHbIM, a Mepbl, 
KOTopbie 6bi/in co3flaHbi Ann 3amnTbi ot y^3BHM0CTM, AB/iaiOTCfl 
HeAOCTaTOHHblMH. 

• CpeAHHH: noTeHUMajibHbiM 3/ioyMbiLu/ieHHHK AB/iaeTCfl 

KBa/lHCf)MUMpOBaHHblM H MOTHBHpOBaHHbIM, HO Mepbl, KOTOpbie 
6binn co3AaHbi Ann 3ai±iHTbi ot y^3BMMOCTH, MoryT 
BOcnpenjqTCTBOBaTb AencTBHflM 3/ioyMbiLuneHHMKa. 

• Hh3khh: noTeHUMa/ibHbiPi 3/ioyMbiiii/ieHHHK AB/iaeTCfl 

HeKBa/lHC^MUMpOBaHHblM H/H/1H C/ia60 MOTHBHpOBaHHbIM, a Te 
Mepbl, KOTopbie cymecTByiOT no 3amnTe ot ya3BHMOCTH, AB/iaiOTCfl 
HaCTHHHO H/1H nO/lHOCTbK) 3Cf)CtDeKTHBHblMH. 


B03A6MCTBHe _ 

YpoBeHb B 03 A 6 HCTBHA onpeAe/iaeTCfl oueHKOH KO/iHHecTBa BpeAa, 
KOTopbiH MO>KeT 6biTb HaHeceH b tom c/iynae, ec/in ya3BHM0CTb, o 
kotopoh hagt penb, 6bma Hcno/ib30BaHa h/ih 3Kcn.nyaTHpoBa.nacb 
HHbIM 06pa30M. 

• BbICOKHH! HCn0/lb30BaHHe yfl3BHMOCTH MO>KeT npHBeCTH K OHeHb 
3HaHHTe/ibHbiM cf)HHaHC0BbiM noTep^M, cepbe3HOMy BpeAy A-ns 
BbinonHeHHjq 3aAaHHfl h/ih penyTaunn opraHH3auHH h/ih Aa>Ke k 
cepbe3HbiM TpaBMaM, BK/uonafl noTepio >kh3hh. 

• CpeAHHH! HCn0/lb30BaHHe yfl3BHM0CTH MO>KeT npHBeCTH K 
cf)HHaHC0BbiM noTep^M, HaHeceHHK) ymep6a mhcchh h/ih penyTaunn 
opraHH3aunn h/ih TpaBMaM /uoAen. 

• HH3KHH: HCn0/lb30BaHHe yfl3BHMOCTH MO>KeT npHBeCTH K HeKOTOpOH 
CTeneHH cf)HHaHC0Bbix noTepb h/ih B03AencTBHfl Ha mhcchio h 
penyTauHK) opraHH3aunn. 

Q6luhh pncK _ 

nOC/ieTOrO KaK BepOflTHOCTb B03HHKH0BeHHfl, H CTeneHb B03AeHCTBHfl 
6bmn onpeAe/ieHbi, Bbi MO>KeTe onpeAe/MTb ypoBeHb o6mero pncKa, 
KOTopbin onpeAe/iaeTCfl b pe3y/ibTaTe aghctbha AByx rpynn. 06luhh 
PHCK MO>KeT OUeHHBaTbC^ KaK HH3KHH, CpeAHHH H/IH BbICOKHH, H 
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COOTBeTCTBeHHO Ka>KflblM M3 3TMX ypOBHePi npeACTaB/lfleT co6om 
pyKOBOACTBO k agmctbmkd A-rm /imu, OTBeTCTBeHHbix 3a o 6 ecneneHMe 
6e3onacHOCTM m noAAepwaHMe cooTBeTCTByKDLUMx cmctcm. 

• BbicoKMPi: CymecTByeT ocTpaa Heo6xoAHMOCTb b npMHATMM 
Aono/iHMTe/ibHbix Mep A-na 3amnTbi ot onpeAe/ieHHOM yfl3BMM0CTM. 
B HeicoTopbix c/iyna^x cMCTeMe MO>KeT 6biTb pa3penieHO 
npoAO/i>KMTb pa6oTy, ho n/iaH asmctbmm AO/i>KeH 6biTb pa3pa6oTaH 
m pea/iM30BaH KaK mo>kho cKopee. 

• CpeAHMPi: CymecTByeT Heo6xoAHMOCTb b npMH^TMM 

Aono/iHMTe/ibHbix Mep Ann 3amnTbi ot onpeAe/ieHHOM yjq3BMM0CTM. 
rinaH no pea/iM3auMM Heo6xoAHMbix Mep 6e3onacHOCTM AO/i>KeH 
6biTb Bbino/iHeH cBoeBpeMeHHO. 

• Hm3kmm: BnaAe/ieu cMcreMbi onpeAe/iMT, ctomt nv\ pea/iM30BbiBaTb 
Aono/iHMTe/ibHbie Mepbi 6e3onacHOCTM Ann 3amnTbi ot 
OnpeAe/ieHHOM yfl3BMMOCTM M/1M >Ke pMCKM flBJlflKDTCfl AOnyCTMMbIMM 
M CMCTeMy MO>KHO 0CT3BMTb 6e3 M3MeHeHMM. 

flOABeAeM MTOTM _ 

YHMTbiBaji cTonb 60/ibiiioe KO/iMnecTBO cj^aKTopoB pea/ibHbix pmckob, 
KOTopbie mcxoa^t ot o6Hapy>KeHHbix yji3BMMOCTeM, npeAonpeAeneHMe 
ypoBHePi pMCKa M3 pe3y/ibTaTOB pa6oTbi cooTBeTCTByromero 
MHCTpyMeHTa, ao/i>kho 6biTb Mcnonb30BaHO KaK OTnpaBHaa TOHKa A-rm 
onpeAeneHMjq pea/ibHoro pMCKa A-rm BcePi opraHM3auMM. 

T paMOTHO C03AaHHbie OTHeTbl 06 OLieHKe yfl3BMMOCTM, KOrAa OHM 
aHa/iM3MpyK)Tc^ npoc^eccMOHa/iOM, MoryT c/iy>KMTb ochobom A-na 
APyrMX OUeHOK, TaKMX KaK BOCnpMMMHMBOCTb K TeCTMpOBaHMK) Ha 
npOHMKHOBeHMe. TaKMM 06pa30M, B3>KH0 nOHflTb, KaK nO/iyHMTb 
HaM/iyHLUMe pe3y/ibTaTbi M3 btom nepBOHana/ibHOM oueHKM. 

Kali nsnnejcn MAea/ibHOM n/iaTcj^opMOM A-na npoBeAeHMA oueHKM 
yj^3BMM0CTM m He Tpe 6 yeT hmk3kmx AononHMTe/ibHbix KOHcf)MrypauMM. 
B MeHK) npM/io>KeHMM Kali (Kali Applications menu), Bbi HaPiAeTe 
MHO>KeCTBO pa3/lMHHblX MHCTpyMeHTOB A /lfl OUeHKM yfl3BMMOCTeM B 

TaKMX KaTeropMJix KaK: c6op MHcJ^opMaunM (Information Gathering), 
aHa/iM3 yfl3BMM0creM (Vulnerability Analysis) m ananv\3 Be6 
npM/io>KeHMM (Web Application Analysis). HecKO/ibKO caPiTOB, 
BK/iKDHasi paHee ynoMAHyTbie Kali Linux Tools Listing 57 , The Kali Linux 


57 http://tools. kali.org/tools-listing 
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Official Documentation 58 n Kypc free Metasploit Unleashed 59 
npeAOCTaB/iflKDT OT/iMHHbie pecypcbi A/ia Mcno/ib30BaHMfl Kali Linux bo 
BpeMfl npoBeAeHua oqeHKM 6e3onacHOcm. 


11.2.2 TecTMpoBaHMe Ha npoHMKHOBeHi/ie Ha ocHOBe 
COOTBeTCTBMfl 

C/ieAyKDLAHM Tun OLieHKM B nOpflAKe C/10>KH0CTM - 3T0 TecrnpoBaHMe 
Ha npoHMKHOBeHMe Ha ocHOBe cooTBeTCTBMfl. 3to Han6o/iee 
pacnpocTpaHeHHbie TecTbi Ha npoHMKHOBeHne, nocKO/ibKy ohm 
OTBenaKDT Tpe6oBaHHjqM npaBMTe/ibCTBa m npoMbiLuneHHOCTn, a Tai<>Ke 
OHM f1B/lf1K)TCB OCHOBaHHbIMM Ha C^peMMBOpKe COOTBeTCTBMfl, B 

kotopom pa6oTaeT bcb opraHM3auMfl. 

He cmotpb Ha to, hto cymecTByeT MHO>KecTBO cneuMa/iM3MpoBaHHbix 
A/lfl pa3nMHHblX OTpacneM C^peMMBOpKOB COOTBeTCTBMfl, CaMbIM 
pacnpocTpaHeHHbiM cKopee Bcero 6yAeT Payment Card Industry Data 
Security Standard 60 (PCI DSS), era has PT, KOTopbiPi pa3pa6oTaH 
KOMnaHMjRMM nnaTe>KHbix KapT. OAHaKO, T3K>Ke cymecTByeT 
onpeAeneHHoe ko/imhcctbo Apyrnx cTaHAapTOB t3kmx KaK Defense 
Information Systems Agency Security Technical Implementation 
Guides 61 (DISA STIG), Federal Risk and Authorization Management 
Program 62 (FedRAMP), Federal Information Security Management 
Act 63 (FISMA), m MHorne Apyrne. B HeKOTopbix c/iyna^x 
KOpnOpaTMBHbIM K/lMeHT MO>KeT 3anpocMTb OUeHKy M/1M >Ke nonpocMTb 
nocMOTpeTb Ha pe3y/ibTaTbi caMOM HeASBHeM opeHicn, BBMAy 
pa3/lMHHblX npMHMH. BHe 33BMCMM0CTM OT TOrO flB/lfleTCfl /1M 3T0T T\AU 
oqeHKM y3KOcneuna/iM3MpoBaHHbiM m/im HeT, b o6meM oh Ha3biBaeTca 
TeCTMpOBaHMeM Ha npOHMKHOBeHMe Ha OCHOBe COOTBeTCTBMfl M/1M >Ke 
npOCTO «OI4eHKa COOTBeTCTBMfl» M/1M «npOBepKa COOTBeTCTBMfl». 

npOBepKa COOTBeTCTBMfl 06 bNH 0 HaHMHaeTCB C OqeHKM y?13BMMOCTM. 
B c/iynae c npoBepKOM cooTBeTCTBMA PCI (PCI compliance auditing 64 ), 
oqeHKa ya3BMMOCTM, b c/iynae npaBM/ibHoro npoBeAeHMfl, MO>KeT 


58 http://docs. kali.org 

59 https://www.offensive-security.com/metasptoit- unleashed/ 

60 https://www. pcisecuritystandards.org/documents/Penetration_Testing_Guidance_March_2015.pdf 
61 http://iase.disa.mil/stigs/Pages/index.aspx 
62 https://www.fedramp.gov/about- us/about/ 

63 http://csrc.nist.gov/groups/SMA/fisma/ 

64 https://www. pcisecuritystandards.org/documents/PCIDSS_QRGv3_2.pdf 
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yAOB/ieTBopi/iTb HecKO/ibKO 6a30Bbix Tpe6oBaHMM, BK/iK)Hafi «He 
ncno/ib3yPiTe npeAOCTaB/ieHHbie nocraBLUHKOM 3HaHeHn?i no 
yMO/iHaHnK) A-rm cncTeMHbix napo/ien n Apyrnx napaMeTpoB 
6e3onacHOCTn » (HanpnMep, c nHCTpyMeHTaMn H3 KaTeropnn MeHK) 
aTaxa B3/iOMa napo/ien (Password Attacks)), «ll.Pery/iflpHO 
npoBepanTe cncTeMbi 6e3onacHOcrn n npoueccbi» (c nHCTpyMeHTaMn 
n3 KaTeropnn «OueHKa 6a3bi AaHHbix (Database Assessment)) n 
ApyrnMn. HeKOTopbie Tpe6oBaHnfl, Taxne icaic «9. OrpaHHHHBanTe 
c(3n3nHecKnn AOCTyn k AaHHbiM B/iaAe/ibueB KpeAHTHbix KapT» n «12. 
noAAep>KnBanTe no/inTnKy, HanpaB/ieHHyio Ha 3amnTy nHc^opMaunn 
A-rm Bcero nepcoHa/ia» noxo>Ke, He noAAaiOTCfl TpaAHunoHHon oueHKe 
ya3BnMOCTn c ncno/ib30BaHneM HHCTpyMeHTOB n Tpe6yK)T 
Aono/iHnTenbHon KpeaTnBHOCTn n TecmpoBaHna. 

HecMOTpa Ha tot cf)aKT, hto Ha nepBbin B3rrmA ncno/ib30BaHne Kali 
Linux MO>xeT noi<a3aTbCJi Hei4e/iecoo6pa3HbiM A-rm HeKOTopbix 
3/ieMeHTOB TecTnpoBaHna cooTBeTCTBna, Kali nAea/ibHO noAxoAHT b 
3Ton cpeAe, n sto He TO/ibKO n3-3a ninpoKoro cneKTpa nHCTpyMeHTOB, 
CBA3aHHbix c 6e3onacHOCTbK), ho, b nepByK) onepeAb, n3-3a cpeAbi 
Debian c OTKpbiTbiM ncxoAHbiM koaom, Ha KOTopon n nocTpoeH Kali, 
hto no3BO/ifleT ycTaHaBnnBaTb mnpoKnn cneicrp nHCTpyMeHTOB. 
lloHCK MeHeA>xepa naxeTOB c TLuaTe/ibHO noAo6paHHbiMn K/noneBbiMn 
c/iOBaMn, BHe 3aBncnMOCTn ot Toro icaicon cfjpenMBopK cooTBeTCTBna 
Bbi ncno/ib3yeTe, b 6o/ibiiinHCTBe c/iynaeB BbiAacT BaM mhokcctbo 
pe3y/ibTaTOB. B AaHHbix yc/iOBHflx, MHorne opraHn3aunn ncno/ib3yK)T 
Kali Linux b xanecTBe CTaHAapTHon n/iaTcJ/opMbi A-rm 3Tnx TOHHbix 
bhaob oueHOK. 


11.2.3 TpaAnu,noHHoe TecrnpoBaHne Ha npoHMKHOBeHne 

CaMO noHjRTne TpaAnunoHHoe TecTnpoBaHne Ha npoHnKHOBeHne 
CTa/io AOBO/ibHO cno>KHbiM A-n^ onpeAeneHna, KOTopoe b nepByio 
onepeAb 3aBncnT ot npocrpaHCTBa npnMeHeHna caMoro 
TecTnpoBaHne. flaHHa b nyTaHnua Bbi3BaHa TeM c^aKTOM, hto caM 
TepMnH «TecTnpoBaHne Ha npoHHKHOBeHne» cra/i 6onee nacTO 
ncno/ib30BaTbca A-ns paHee ynoMAHyToro TecmpoBaHna Ha 
npoHnKHOBeHne Ha ocHOBe cooTBeTCTBnsi (nnn Aawe f\r\9\ oueHKn 
ya3BnMOCTn), rAe, no cyTn, Bbi He c/inniKOM ymy6/iaeTecb b caMy 
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ouemcy, nocKO/ibicy bto bwxoaht 3a paMKi/i MMHMMa/ibHbix 
Tpe6oBaHnPi. 

B ue/iax ocBemeHM^ Bonpoca b btom pa3Ae/ie, Mbi OToPiAeM b cTopoHy 
OT 3T0M AUCKyCCMH f\r\9\ T0I"0, HT06bl 3aTpOHyTb Bonpoc OUeHKM, 
KOTOpaa BblXOAHT 3a paMKI/l MUHMMa/lbHblX Tpe60BaHMPi; OUeHKM, 
KOTopaa 6bma pa3pa6oTaHa A-rm Toro, HTo6bi AePicTBHTe/ibHO 
ynyHiiinTb o6myK) 6e3onacHOCTb opraHH3aunn. 

B OT/iMHue ot paHee paccMOTpem-ioro Tuna omchkh, Tecn/ipoBaHi/ie Ha 
npoHHKHOBeHi/ie o6biHHO He HaHi/maeTCfl c onpeAe/ieHMA 06/iacTH, ho 
BM ecTO 3Toro onpeAe/iaeTCfl ue/ib BpoAe, «nMMTnpoBaTb, hto 
npon3oPiAeT, ecrm BHyTpeHHHM no/ib30BaTe/ib 6yAeT 
CKOMnpoMeTnpoBaH», h/im «onpeAe/iMTb, hto npon3oPiAeT, ec/in 
opraHH3auna noABepra/iacb ue/ieHanpaB/ieHHoPi aTaKe co cTopoHbi 
BHeumePi 3/iOHaMepeHHoPi cTopoHbi». K/iK)HeBbiM An<t>4>epeHunaTopoM 
3T0r0 COpTa OUeHKM AB/lfleTCfl TOT Ct>aKT, HTO OHa He npOCTO mueT 
noATBep>KASHHbie y^3BMMOCTn, ho BMecTO 3Toro ncnonb3yeT 
HaPiAeHHbie npo6/ieMbi Ann Toro, HTo6bi onpeAe/iMTb caMbiPi xyALUHPi 
cueHapHPi pa3BMTMfl co6brn/iPi. Bmccto Toro HTo6bi ormpaTbca 
HCK/lKDHMTe/lbHO Ha Ha6op HHCTpyMeHTOB AH9\ CKaHMpOBaHMfl 
yfl3BHM0CTePi, Bbi Aon>KHbi c/ieAHTb 3a npoBepicoPi pe3y/ibTaTOB c 
nOMOLUbK) 3KCn/10HT0B H/1H TeCTOB AH9\ HCK/lKDHeHHfl 
no>KHono/io>KHTe/ibHbix pe3y/ibTaTOB m cAe/iaTb Bee ot Bac B03MO>KHoe 
Ann onpeAeneHi/m cKpbiTbix h/ih /io>KHOHeraTHBHbix yfl3BHM0crePi. 3 to 
nacTO cBA3aH0 c ncno/ib30BaHneM o6Hapy>KeHHbix paHee 
yfl3BHM0CTePi, M3yHeHMfl ypoBHA AOCTyna k BKcrmoPiTaM h 
ncnonb30BaHHjq btoto pacninpeHHoro AOCTyna b KanecTBe pbinara A-rm 
AononHMTe/ibHbix aTaK npoTHB ue/in. 

3to Tpe6yeT Kpi/iTi/i nee koto nepecMOTpa Lie/ieBoPi cpeAbi HapRAy c 
pyHHbIM nOHCKOM, KpeaTHBHOCTbK), BHeLLIHMM aHa/!H30M H 
HecTaHAapTHbiM MbiumeHMeM, HTo6bi o6Hapy>KHTb ApyrHe 
B03M0>KH0CTH nOTeHUHa/lbHOPi yfl3BMMOCTM H, B KOHeHHOM HTOre, 
ncno/ib30BaTb ApyrHe i/mcTpyMeHTbi h TecTbi KpoMe Tex, KOTopbie 
6bmn o6Hapy>KeHbi cicaHepaMi/i yfl3BHMOcrePi. KaK TO/ibKO bto 6yAeT 
3aBepnieHO, BcerAa Heo6xoAHMO HaHHHaTb no/iHbiPi npouecc cHOBa h 
CHOBa A-nfl Toro, HTo6bi OKOHnaTe/ibHO Bbino/iHi/iTb pa6oTy. 

flawe c TaKMM noAxoAOM, Bbi Bee paHO nacTO 6yAeTe 3aMenaTb, hto 
MHO>K ecTBO oueHOK coctoat H3 pa3/iMHHbix 3TanoB. Kali o6nernaeT 
noncK nporpaMM A-rm Ka>KAoro 3Tana c noMombK) MeHK) Kali: 
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• C6op MH<£opMauMM (Information Gathering): Ha Aam-iOM 3Tane, Bbi 
6yAeTe cocpeAOToneHbi Ha M3yneHMM MaKCMMa/ibHoro KO/iMnecTBa 
MHcf)opMai4Mn o ue/ieBOM cpeAe. KaK npaBM/io, sto AeMCTBMe 
HeMHBa3MBHOe H AOBO/lbHO nOXO>Ke Ha CTaHAapTHyK) aKTHBHOCTb 
no/ib30BaTe.rm. 3tm agmctbhji nnryj b ocHOBy ocra/ibHOM nacTM 
oueHKH m no3TOMy Aon>KHbi 6biTb BbinonHeHbi MaKCMMa/ibHO normo. 
B KaTeropnn «C6op MH<£opMauMM Ka/in» ecTb ascjitkm 
MHCT pyMeHTOB, n03B0/lflK)LUHX BblflBHTb KaK MO>KHO 60 /lbl±ie 

HHcfjopMaMMH 06 oueHHBaeMoPi cpeAe. 

• 06Hapy>KeHne yfl3BMMOCTei/i (Vulnerability Discovery): 3tot 3Tan 
nacTO 6yAeT Ha3biBaTbca «aKTMBHbii/i c6op MH<£opMauMM», rAe Bbi 
He aTaKyeTe, a 3aHMMaeTecb HecTaHAapTHbiM noBeAeHMeM 
nonb30BaTe/iePi, nbuaflcb onpeAe/iMTb noTeHUMa/ibHbie yji3BMMOCTM 
b ue/ieBOM cpeAe. 1/lMeHHO Ha stom 3Tane 6yAeT npoMcxoAHTb 
CKaHMpoBaHMe yfl3BMM0CTei/i, o6cy>KAaeMoe paHee. Te nporpaMMbi, 
KOTopbie 6bmn paHee nepeHMc/ieHbi b pa3Ae/iax AHa/in3 
y^3BHMOCTePi, AHa/iM3 Be6-npnno>KeHHM, OueHKa 6a3bi AaHHbix m 
06paTHa^ nH>KeHepnjq, 6yAyT oneHb no/ie3Hbi Ha stom 3Tane. 

• 3Kcn/iyaTauMJi (Exploitation): 06Hapy>KHB noTeHUMa/ibHbie 

yji3BMMOCTn, Ha 3 tom 3Tane Bbi nonbuaeTecb Mcno/ib30BaTb hx Ann 
3aKpen/ieHMfl b ue/iM. 1/lHCTpyMeHTbi, KOTopbie cMoryT noMOHb BaM 
Ha 3 tom 3Tane, Bbi cMO>KeTe HaPiTM b cneAyromux pa3Ae/iax: AHa/iM3 
Be6-npnno>KeHMM, OueHKa 6a3bi AaHHbix, ATaKa B3/iOMa napo/ia h 
1/lHCTpyMeHTbi Ann 3Kcn/iyaTauMM. 

• llepexoA b ApyrHe cMcreMbi m <£ 1 / 1/1 bTpaui/m AaHHbix (Pivoting and 

Exfiltration): noc/ie Toro, KaK 6yAeT ycTaHOB/ieHa nepBOHana/ibHaji 
TOHKa onopbi, Heo6xoAHMO Bbino/iHMTb Aa/ibHePiLune warn. Ohm 
AOBO/ ibHO Macro noBbiLLiaKDT npaBa AOCTyna ao ypoBHA 

Heo6xoAHMoro BaM A-na AOCTMweHMJi BaniMx uenePi, b KanecTBe 
aTaKyiomero, HanpMMep, nepexoAa b Apyrne CMcreMbi, hto, 
bo3mo>kho, BaM He 6bmo AOCTynHO paHee m <£M/ibTpauMJi 
KOH(£MAeHUMa/lbHOM MH(£opMaUMM M3 Ue/ieBbIX CMCTeM. [\nn 
no/iyneHM}! noMomn Ha ashhom 3Tane o6paTMTecb c/ieAyK)LUHM 
pa3Ae/iaM ATaKa B3/iOMa napo/ia, 1/lHcrpyMeHTbi 3Kcn/iyaTauMM, 
CHM<£<£MHr m cny<£<£MHr m nocTSKcn/iyaTauMJi. 

• CocraB/ieHMe OTneTa (Reporting): KaK TO/ibKO aKTMBHaa nacrb 
oueHKM 6yAeT 3aBepnieHa, Bbi AO/i>KHbi 6yAeTe 3aAOKyMeHTMpoBaTb 
m coo6mnTb 0 npoBeAeHHbix MeponpMJiTMJix. 3tot 3Tan Macro 
6biBaeT He t3kmm TexHMMecKMM, KaK npeAbiAyiAHe 3Tanbi, OAHaKO 
oneHb b3>kho, MTo6bi Bam k/imcht no/iyMM/i no/iHyK) OTAany ot 
Bbino/iHeHHOM pa6oTbi. B pa3Ae/ie «l/lHcrpyMeHTbi OTMeTHOCTM» 
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COflep>KHTCfl pMHCTpyMeHTOB, KOTOpbie OKa>KyTCfl nOne3HblMM Ha 
flaHHOM aTane. 

B 6o/ibLui/iHCTBe c/iynaeB, stm oueHKH 6yayT yHMKa/ibHbiMM b cBoeM 
cocTaB/ieHMH, t.k. Ka>KAaa opraHM3auMfl 6yAeT pa6oTaTb c 
pa3/iMHHbiMn yrpo3aMn, h 6yAeT 3ammnaTb pa3/iMHHbie aKTHBbi. Kali 
Linux co3AaeT AOBO/ibHO yHMBepca/ibHyK) 6a3y Ann stmx bhaob 
OUeHOK, H HMeHHO 3AeCb Bbl MO>KeTe AeMCTBHTenbHO B0Cn0/lb30BaTbC}^ 
MHOTMMM Cj^yHKUMflMM MHAMBMAya/lbHOM HaCTpOMKM Kali LinUX. MHOTHe 
opraHH3aunn, KOTOpbie npoBOA^T stm TMnbi oueHOK, 6yAyT 
noAAep>KHBaTb MHAMBMAya/ibHbie Bepcm/i Kali Linux A-rm BHyTpeHHero 
MCn0/lb30BaHMfl, HT 06 bl yCKOpHTb pa3BepTblBaHHe CMCTeM ao HOBOM 
oueHKH. 

1/lHAHBHAyanbHbie HacTpoMKM, KOTOpbie opraHH3aunn cMoryT 
Bbino/iHJiTb co cbommm HHCTa/iJi^uM^MM Kali Linux, name Bcero 6yAyT 
BK/IKDHaTb b ce6fl: 

• npeABapHTeribHasi ycTaHOBKa KOMMepnecKMx naKeTOB c 
/inueH3nePi. HanpHMep, y Bac MO>xeT 6biTb TaKoPi naKeT, KaK 
KOMMepnecKHH cKaHep ya3BMMOCTePi, KOTopbiPi Bbi xoTe/in 6bi 
ncno/ib30BaTb. HTo6bi He ycraHaB/iMBaTb stot naKeT c Ka>KAoPi 
c6opKoPi, Bbi MO>KeTe CAe/iaTb sto oahh pa3 65 h ncno/ib30BaTb ero 
npH Ka>KAOM pa3BepTbiBaHnn Kali, KOTopoe Bbi Ae/iaeTe. 

• npeABapnTe/ibHO HacTpoeHHbie h noAK/iiOHeHHbie BMpTya/ibHbie 
nacTHbie ceTH (virtual private networks (VPN)). Ohm oneHb 
none3Hbi A-rm ycrpoPicTB, KOTOpbie no3BO/iflK)T npoBOAHTb 
«AncTaHUMOHHbie BHyTpeHHMe» oueHKM. B 6o/ibLUMHCTBe c/iynaeB 
3TM CMCTeMbl nOAK/lKDHaiOTCfl K CMCTeMe, KOHTpO/lMpyeMOM 
OUeHLUMKOM, C03AaBaJl TyHHe/lb, KOTOpbiPi OUeHLUMK MO>KeT 
Mcno/ib30BaTb Ann AOCTyna k BHyTpeHHMM cMCTeMaM. The Kali Linux 
ISO of Doom 66 nannercn npMMepoM mmchho 3Toro TMna HacTpoMKM. 

• llpeABapMTenbHO ycTaHOB/ieHHoe, BHyTpeHHe pa3pa6oTaHHoe 
nporpaMMHoe o6ecneneHMe m MHCTpyMeHTbi. MHome opraHM3auMM 
6yAyT o6naAaTb nacTHbiM Ha6opoM MHCTpyMeHTOB, t3kmm o6pa30M, 
mx HacTpoPiKa Bee nMLUb eAHHO>KAbi b nonb30BaTe/ibCKOM ycTaHOBKe 
Kali 67 oneHb xopomo skohommt BpeMfl. 

• flpeABapMTenbHO HacTpoeHHbie KOHcf)MrypauMM onepauMOHHOM 


65 http://docs.kali.org/kali-dqjo/02 - mastering-live-build 
66 https://www.offensive-security.com/kali-linux/kali- rolling-iso-of-doom/ 
67 http://docs.kali.org/development/live- build-a-custom-kali-iso 
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CMCTeMbi, TaKkie KaK OTo6pa>KeHMe xoctob, 060m pa6onero cmna, 
HacTpoPiKM npoKCM-cepBepa m t.a- MHorne no/ib 30 BaTenn Kali 
MMeKDT 0C06bie HaCTpOMKM 68 , KOTOpbie OHM XOTe/lM 6bl HaCTpOMTb 
MMeHHO TaK. Ec/im Bbi co6MpaeTecb pery/iapHO nepeycraHaB/iMBaTb 
Kali, coxpaHeHMe m 3 anoMMHaHMe btmx M 3 MeHeHMM MMeeT 6o/ibi±iOM 
CMbIC/l. 


11 . 2.4 Ou.eHKa npMAOweHMfl 

B TO BpeMfl KaK 60/lbLUMHCTBO OUeHOK 06naAaK)T LUMPOKMM OXBaTOM, 
oqeHKa npM/io>KeHMfl AB-rmeTca cneuMa/iM3aMMeM, KOTopaa y3KO 
CKOHqeHTpMpoBaHa Ha oahom npM/io>KeHMM. 3tot tmii oueHKM 
CTaHOBMTC5q Bee 6o/iee pacnpocTpaHeHHbiMM M3-3a c/io>khoctm 
KpMTMHeCKM B3>KHblX npM/10>KeHMM, KOTOpbie MCnO/lb3yK)TCJR 
OpraHM3ai4Mf1MM, MHOTMe M3 KOTOpbIX flBfmKDTCfl BHyTpMCjDMpMeHHblMM. 
OueHKa npM/io>KeHMfl MO>KeT 6biTb Ao6aB/ieHa k 6onee lumpokom 
oueHKe, b c/iynae Heo6xoAHMOCTM. npM/io>KeHMfl, KOTOpbie MoryT6biTb 
oqeHeHbi t3kmm o6pa30M, BK/iKDnaKDT b ce6a, ho He orpaHMHMBaKrrcfl 
3TMM CnMCKOM: 

• Be6-npM/io>KeHMfl: Be6-npM/io>KeHMfl AOBO/ibHO Macro 

noABepraK)TCfl aTaKaM, xota 6bi npocTO noTOMy, mto ohm 
npeACTaB/ijRKDT co6om OT/iMMHyK) qenb BBMAy CBoePi AOCTynHOCTM. 
06bNHO, cTaHAapTHaa oueHKa h 3 magt 6a30Bbie npo6/ieMbi b Be6- 
npM/io>KeHMM, OAHaKO, 6o/iee AeTa/ibHoe paccMOTpeHMe o6biMHO 
ctomt noTpaneHHoro Ha Hero BpeMeHM, A-rm onpeAeneHMA npo6/ieM, 
cB5R3aHHbix c pa6oHMM npoueccoM npM/io>KeHM5T MeTanaKeT kali- 
linux-web 06/iaAaeT 6onbLUMM KO/iMMecTBOM MHCTpyMeHTOB, 
KOTOpbie cMoryT noMOMb BaM b btom oqeHKe; 

• CKOMnM/iMpoBaHHbie AecKTon-npM/io>KeHM5q (Compiled desktop 
applications): CepBepHoe nporpaMMHoe o6ecneneHMe He BcerAa 
fiB/ifiK)TCfi eAHHCTBeHHOM ue/ibK); AecKTon-npM.no>KeHMfl TaK>Ke 
npeACTaB/i?iK)T co6om npeKpacHyK) ue/ib A-nfl aTaKM. B nponieALune 
TOAbl, MHO>KeCTBO AeCKT0n-npM/10>KeHMM, T3KMX KaK PDF peAaKTOp 
m/im Be6-BMAeonporpaMMbi, AOBO/ibHO Macro AB.rm.nMCb ue/mMM 
aTaK. OAHaKO, Ha AaHHbiM momcht cymecTByeT He MeHbiuee 
KO/iMMecTBO AecKTon-npM/io>KeHMM, KOTOpbie npM 6onee AeTa/ibHO 
M3yneHMM o6naAaK)T 6o/ibLUMM ko/immcctbom yA3BMMOcrei/i. 

68 https://www.offensive-security.com/kali-linux/kali-linux- recipes/ 
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• Mo6n/ibHbie npi/moweHHfl: no Mepe Toro, KaK Mo6nnbHbie 
ycTpoPicTBa cTaHOBATcn Bee 6o/iee nonynnpHbiMi/i, Mo6nnbHbie 
npi/moweHi/m cTaHOBflTCfl Bee 6onee nHTepecHoPi ue/ibK) Ann 
npoBefleHHfl aTaKi/i. 3to flOBO/ibHO TaKu 6biCTpo ABi/DKymancn uenb, 
a MeTOAonori/m b btom o6nacTM Bee eme co3peBaeT, hto npHBOflMT 
k noflB/iem/iK) HOBbix pa3pa6oTOK npaKTunecKM Ka>KAyK) HeAe/iK). 
1/lHCTpyMeHTbi, cB?i3aHHbie c aHa/iM30M Mo6n/ibHbix npi/moweHi/ie, 
MoryT 6biTb HaPiAeHbi b pa3Ae/ie MeHK) 06paTHan pa3pa6oTKa. 

Ouemca npn/io>KeHMM MO>KeT npoBOAHTbcn pa3/iMHHbiMM cnoco6aMi/i. B 
KanecTBe npocToro npi/iMepa Ann onpeAe/iem/m b n pun owe hum 
noTeHUMa/ibHbix npo6/ieM v\nv\ yrpo3 MO>KeT 6biTb npi/iMeHeH 
cneuMa/ibHbiPi aBTOMaTH3npoBaHHbiPi MHCTpyMeHT. 3tot i/iHCTpyMeHT 
6yAeT ncnonb30BaTb cneunc^MHecKyK) A-rm npM/iowem/m norHKy b 
nonbiTKax onpeAe/inTb HeM3BecmyK) npo6neMy, BMecTO Toro, HTo6bi 
no/iaraTbCA b noncKe Ha Ha6op ywe n3BecTHbix cHTHaTyp. 3tot 
HHCTpyMeHT AO/i>KeH 06/iaAaTb BCTpoeHHbiM noHHMaHkieM noBeASHMn 
npi/moweHMfl. floBO/ibHO pacnpocTpaHeHHbiM npHMepoM 3Toro 6yAeT 
CKaHep y^3BMMOCTePi Be6-npMno>KeHMM, TaKoPi KaK Burp Suite 69 , 
HanpaB/ieHHbiPi Ha pa6oTy c npMnoweHMAMM, KOTopbie cHana/ia 
onpeAe/iflK)T pa3/inHHbie nonn bboas, a 3aTeM ompaBnneT 
pacnpocTpaHeHHbie aTaKi/i SQL-MH'beKUMPi b btm nonn, OTcnewMBan 
peaKUHK) npn/io>KeHMfl Ha MHAMKauMK) ycneiimoPi aTaKH. 

B 6o/iee c/io>KHbix cueHapMnx, oueHKa npMnoweHMn MO>KeT 6biTb 
npoBeAeHa HHTepaKTHBHO KaK c noMombK) cnoco6a black box, TaK m 
c noMombK) cnoco6a white box. 

• Black Box OueHKa: 1/lHcrpyMeHT (h/im oueHLUMK) B3anMOAePicTByeT 
c npi/moweHi/ieM He ww\en cneunanbHbix 3HaH mm v\nv\ AOCTyna, KpoMe 
AOCTyna o6bNHoro nonb30BaTenn. HanpMMep, b c/iynae c Be6- 
npMnoweHMeM, oueHLUMK MOweT HMeTb AOCTyn numb k ct>yHKui/mM h 
cBOHCTBaM, KOTopbie AOCTynHbi nonb30BaTenK), He BomeAweMy b 
CMCTeMy. JlK)6bie yneTHbie 3anncn nonb30BaTenn 6yAyT t3khmh, b 
KOTopbix o6bNHbiPi nonb30BaTenb MO>KeT caMOCTonTenbHO 
3aperncTpnpoBaTb aKKayHT. 3to He asct bo3mo>khoctm 
aTaKyKDmeMy BHASTb v\nv\ npocMaTpHBaTb KaKne-nn6o cj^yHKUMM, 
KOTopbie AOCTynHbi TonbKO nonb30BaTennM, KOTopbie Aon>KHbi 6biTb 
C03AaHbl aAMMHMCTpaTOpOM. 


69 https://portswigger.net/burp/ 
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• White Box Ouemca: 1/lHcrpyMeHT (h/ih oueHLUMK) name Bcero 6yfleT 
nMeTb no/iHbiPi AOCTyn k ncxoAHOMy KOAy, AOCTyn aAMHHHCTpaTopa 
k n/iaTcjDopMe, Ha KOTopoPi pa6oTaeT npn/io>KeHne h t. a- 3to 
rapaHTHpyeT, hto no/iHbiPi h BcecropoHHHH o63op Bcex 
cj^yHKUMOHa/ibHbix B03M0>KH0CTePi npH/io>KeHHfl 6yAeT 3aBepmeH 
He3aBHCMMO OT TOTO, TAe 3Ta CbyHKUHOHa/lbHOCTb HaXOAHTCJl B 
npnno>KeHHM. KoMnpoMMcc Bcero btoto 3aK/iK)HaeTCfl b tom, hto 
oueHKa hh b KoeM c/iynae He AB/ifleTca cHMy/iflunePi pea/ibHbix 
BpeAOHOCHbIX ASHCTBHI/i. 

5e3ycnoBHO, Me>KAy bthmh cnoco6aMn oueHOK ecTb cboh n/iK)Cbi h 
MMHycbi. KaK npaBH/io, pewaK)mnM cj^aKTopoM AB/ifleTca ue/ib oueHKH. 
Ec/ih uenbK) AB/ifleTca onpeAe/ieHne Toro, hto 6yAeT nponcxoAHTb b 
c/iynae, ec/in AaHHoe npnno>KeHMe 6yAeT noABep>KeHO aTaice, to black 
box oueHKa noAoPiAeT HAea/ibHO b noAo6HoPi cHTyaunn. Ec/ih >Ke 
ue/ibK) AB/iaeTCfl onpeAe/iMTb BbmB/ieHHe h ycrpaHeHne KaK mo>kho 
6o/ibniero nnc/ia BonpocoB 6e3onacHOCTM 3a OTHOCHTe/ibHO kopotkmm 
nepnoA BpeMeHM, to white box oueHKa 6yAeT 6onee 3c|3c|3eKTHBHoPi b 
AaHHOM cnynae. 

B ApyrHX c/iyna^x MO>KeT B03HHKHyTb rn6pnAHbiPi iioaxoa, KorAa 
oueHLUHK He HMeeT no/iHoro AOCTyna k ncxoAHOMy KOAy n/iaTc|)opMbi, 
Ha KOTopoPi 3anymeHO npnno>KeHne, ho yneTHbie 3anncn 
nonb30BaTe/iePi npeAOCTaB/iflKrrcfl aAMHHHcrpaTopoM, HTo6bi 
o6ecnennTb AOCTyn k MaKCHMa/ibHO B03M0>KH0Pi ctjyHKUMOHanbHOCTM 
npnno>KeHM^. 

Kali nsnnejcn HAea/ibHoPi n/iaTc|3opMoPi Ann Bcex Ti/moB oueHKH 
npnnoKeHH^. ripn ycTaHOBKe no yMO/inaHHK) AOCTyn ho mhokcctbo 
pa3nHHHbix cneuna/ibHbix cKaHepoB npH/io>KeHHH. f\nn 6o/iee 
npoABHHyTOH oueHKH cymecTByeT 6o/iee luhpokhh Anana30H 
HHCTpyMeHTOB, HcxoAHbix peASKTopoB h cueHapneB epeA- 
C/ieAyK)mne pa3Ae/ibi, TaKne KaK Be6-npnno>KeHHe 70 h 06paTHaa 
pa3pa6oTKa 71 ' B3flTbie c caPiTa Kali Tools 72 , 6yAyT BaM oneHb 
none3Hbi. 


70 http://tools. kali.org/category/web-applications 
71 http://tools.kali.org/category/reverse-engineering 
72 http://tools.kali.org 
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11.3 <DopMa/iM3aL4Mfl ou,eHKM 

Korfla Bbi onpeAerm/iMCb c tmiiom oueHKM m noAroTOBM/iM Bamy cpeAy 
Kali, cHMTaMTe, hto Bbi y>Ke npaKTMnecKM roTOBbi k Hana/iy pa6oTbi. 
noc/ieAHMM maroM nepeA Hana/iOM 6yAeT cf)opMa/iM 3 aun^ tom pa6oTbi, 
KOTopyK) BaM Heo6xoAMMO 6yAeT npoAe/iaTb. 3to nBnnejcn 
KpMTMHeCKM B3>KHblM, T.K. 3T0 OnpeAe/lfleT BaLUM 0>KMAaHMfl OT pa60Tbl 
m AaeT BaM pa3pemeHMe Ha npoBeAeHMe He/iera/ibHOM aKTMBHOCTM b 
c/iynae, ec/iM 3tm okmashma He 6yAyT onpaBAaHbi. Mbi 33TpoHeM 3tot 
Bonpoc Ha BbicoKOM ypoBHe, ho, TeM He MeHee, bto AB/iaeTCfl 
AOBO/lbHO T3KM C/10>KHblM M B3>KHblM IliarOM, TaK HTO BaM, CKOpee 

Bcero, 6yAeT Heo6xoAMMO o6paTMTbca k lopMAMnecKOMy 
npeACTaBMTenK) BameM opraHM3auMM 3a noMombK). 

B paMKax npouecca c(DopMa/iM3auMM BaM Heo6xoAMMO 6yAeT 
onpeAenMTb npaBM/ia ynacTMa b pa6oTe. 3to 3aTparMBaeT TaKMe 
Bonpocbi, KaK: 

• C KaKMMM cMCTeMaMM Bbi MO>KeTe mjim BaM pa3penieHO 
B3aMMOASMCTBOBaTb? OneHb B3>KH0 rapaHTMpOBaTb, HTO Bbi 
c/iynaMHO He BMemaeTecb b KaKyK)-/iM6op cMCTeMy, KOTopaa 6yAeT 
MMeTb KpMTMnecKoe 3HaneHMe A-rm npoBeAeHMfl 6M3Hec-onepauMM. 

• B KaKoe BpeMa ah n, m nepe3 KaKoe okho aTaKM, bo3mo>kho, 
npoBOAMTb oueHKy? HeKOTopbie opraHM3auMM npeAnoHMTa kdt 
O rpaHMHMTb BpeMfl, B KOTOpOe MO>KeT npOBOAMTbCfl OUeHKa. 

• KorAa Bbi o6Hapy>KMTe noTeHUMa/ibHyio y?i3BMM0CTb, 6yAeT/iM BaM 
pa3penieHO Mcno/ib30BaTb ee? Ec/im HeT, to iokob npouecc 
yTBep>KASHMfi? EcTb HeKOTopbie opraHM3auMM, KOTopbie 
npeAnoHMTa k>t npM6eraTb k oneHb KOHTpo/iMpyeMOMy noAxoAy k 
Ka>KAOM nonbiTKe 3Kcn/iyaTauMM, TorAa KaK Apyrne xoTe/iM 6bi 
Mcno/ib30BaTb 6o/iee pea/iMCTMHHbii/i noAxoA- /lynnie Bcero neTKO 
onpeAe/iMTb btm okmashma nepeA Hana/iOM pa6oTbi. 

• B c/iynae ec/iM 6 bma o 6 Hapy>KeHa cymecTBeHHafl npo 6 /ieMa, k 3 kmm 
o 6 pa 30 M c/ieAyeT ee pemaTb? 1 /lHorAa, opraHM 3 auMM xotat 6 biTb 
npoMHcjDopMMpoBaHbi o HeM cpa 3 y >Ke, b npoTMBHOM c/iynae, 
npo 6 /ieMa paccMaTpMBaeTcsi b KOHpe oueHKM. 

• B c/iynae HeoT/io>KHbix cMTyauMM, c KeM BaM Heo 6 xoAMMO 
CBA 3 biBaTbCfl? BcerAa Heo 6 xoAMMO 3 HaTb, c KeM BaM Hy>KHO 
CB 5 i 3 aTbcsi, ec/iM B 03 HMKaeT KaKaa-/iM 6 o npo 6 /ieMa Tpe 6 yK)ma?i 
HeoT/io>KHoro peweHMfl. 
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• Kto 6yAeT b Kypce npoBOAHMOH BaMH AeaTe/ibHOCTH? KaK bth 
A aHHbie 6yAyT nepeAaHbi hm? B HeKOTopbix c/iyHaflx opraHH3aunn 
3axoT^T npoBepuTb cbokd peaKunio Ha B03HHKiuyK) npo6neMy h 
3cf>cf)eKTHBH0CTb o6Hapy>KeHHfl b paMKax oueHKH. 3 to BcerAa 
9\Br\9\eTC9\ xopouiei/i i/iAeePi, HMeTb 3 th AaHHbie 3apaHee, TaK hto Bbi 
6yAeTe 3HaTb, AO/i>KHbi /in Bbi npoflB/iflTb KaKyK)-/in6o cTeneHb 
CKpbiTHOCTM b noAxoAe k opeHice. 

KaKOBbIMM 5\Br\9UOTC9\ 0 >KHAaHHfl B KOHpe OLieHKH? KaKHM 06 pa 30 M 
6 yAyT nepeAaHbi pe 3 y/ibTaTbi? Bbi AO/i>KHbi tohho 3 HaTb, hto hmchho 
Bee cTopoHbi o>KHAaK)T b KOHpe oueHKH. OnpeAe/ieHkie pe 3 y/ibTaTOB h 
cnoco6a hx nepeAann - /lyniiiHH cnoco6 coxpaHHTb Bee CTopoHbi 
cnacT/iMBbiMH noc/ie 3 aBepi±ieHHfl pa6oTbi. 

HecMOTpa Ha to, hto AaHHbin cnncoK He nBnnejcn no/iHbiM, oh AaeT 
BaM npeACTaBneHMe o AeTa/iax, KOTopbie Heo6xoAHMO yHHTbiBaTb. 
TeM He MeHee, Bbi AO/i>KHbi noHHMaTb, hto He cymecTByeT xopomePi 
3aMeHbi A-ns 3aKOHHbix AeP Ictbhh. KaK mnbKO Bbi onpeAe/iH/incb c 
BbiiiieyKa3aHHbiMM nyHKTaMH, BaM Heo6xoAHMO no/iyHHTb 
cooTBeTCTByiomee pa3peiueHMe A-na npoBeAeHHA oueHKH, nocKO/ibKy 
6o/ibniafl nacTb Ae^Te/ibHOCTH, KOTopyio Bbi 6yAeTe Bbino/iHATb b xoAe 
oueHKH, MO>KeT 6blTb He 33K0HH0H 6e3 HaA/iewaLUHX nO/lHOMOHHH OT 

Koro-nn6o, o6naAaK)mero no/iHOMOHHAMH Ha npeAOCTaB/ieHHe 3Toro 
pa3penieHHjR. 

noc/ie Toro KaK Bbi onpeAe/iH/incb co BceMi/i BbiLueyKa 3 aHHbiMn 
nyHKTaMH h npoAe/ia/iH Bee Heo6xoAHMbie marn, TeM He MeHee 
ocraeTca eiue oahh momcht, KOTopbin BaM 6yAeT Heo6xoAHMO 
pa 3 pei±iHTb nepeA Hana/iOM pa6oTbi: npoBepKa. HnKorAa He 
AOBepjiHTe TOMy Anana 30 Hy (o6/iacTH) pa6oTbi, KOTopbin BaM 
npeAOCTaBH/iH - BcerAa npoBep^HTe ero. Mcno/ib 3 yHTe MHO>KecTBO 
HCTOHHHKOB HHC^OpMaUHH nOATBepJKASHHfl TOrO, HTO CHCTeMa B 

npeAe/iax Bamero Anana 30 Ha AeHCTBHTe/ibHO npnHaA.ne>KHT K/ineHTy 
h, hto OHa Ta K>Ke o6c/iy>KHBaeTCfl BaniHM k/ihchtom . C 
npeo6/iaAaHHeM 06/iaHHbix cepBHcoB opraHH 3 aunfl MO>KeT 3 a 6 biTb, 
HTO OHH CjDaKTHHeCKH He B/iaASKDT CHCTeM 3 MH, npeAOCTaB/lflKDLUHMH HM 
ycnyrn. Bbi MO>KeTe o6Hapy>KHTb, hto BaM Ha caMOM Ae/ie Heo6xoAHMO 
nonyHHTb cneuna/ibHoe pa 3 penieHHe ot npoBanAepa o6/iaHHoro 
cepBHca, nepeA TeM, KaK npncTynnTb k pa6oTe. KpoMe Toro, BcerAa 
npoBep^HTe y3/ibi IP aApeca. HnKorAa He ctoht no/iaraTbca Ha 
npeAno/io>KeHHe opraHH 3 auHH o tom, hto hm npnHaA-newaT Bee y 3 /ibi 
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IP, fla>Ke ec/iki ohm roTOBbi noAnMcaTbca noA hmmm, KaK noA pea/ibHOM 
>KM3Hecnoco6HOM qe/ibK). HanpMMep, Mbi BMAe/iM npMMepbi 
opraHM3ai4MM, KOTopbie 3anpaniMBaK)T oqeHicy Bcero Anana30Ha ceTM 
K/iacca C, KorAa Ha caMOM Ae/ie ohm npMHaA-newa/iM TO/ibKO 
noAMHO>KecTBy btmx aApecoB. HanaB Ha Bee aApecHoe npocrpaHCTBO 
K/iacca C, Mbi cTO/iKHy/iMCb 6bi c aTaKOM Ha coceAeM ceTM 
opraHM3ai4MM. lloAKaTeropMfl AHa/iM3a OSINT (OSINT Analysis), a 
MMeHHO MeHK) C6op l/lHcf)opMauMM (Information Gathering) coasp>kmt 

AOBO/lbHO-TaKM 60/lbLUOe KO/lMHeCTBO pa 3 /lMHHblX MHCTpyMeHTOB, 
KOTopbie MoryT noMOHb BaM c npoueccoM npoBepKM. 


11.4 Tkinbi AiaK 

Kax TO/ibKO Bbi cMO>KeTe npMCTynMTb k pa6oTe, KaKMe mmchho 
KOHK peTHbie TMnbi aTax, KOTopbie Bbi co6MpaeTecb npoBOAHTb? 
Ka>KAblM TMn yfl3BMMOCTM 73 MMeeT CBOK) KOHKpeTHyK) CB33aHHyK) C HMM 
TeXHMKy. 3T0T pa3Ae/l 33TpOHeT pa3/lMHHbie K/iaCCbl yfl3BMMOCTeM, c 
KOTopbiMM Bbi 6yAeTe B3aMMOAeMCTBOBaTb b 6o/ibLUMHCTBe cnynaeB. 

He MMeeT HMKaKoro 3HaneHMfl, c KaKOM KaTeropMePi ya3BMMOCTeM Bbi 
CTa/iKMBaeTecb, Kali noMoraeT BaM c nerKOCTbio h3mtm noAxoAflLune 
MHCTpyMeHTbi m 3Kcn/iOMTbi. Kali MeHK) Ha BameM rpacjoMHecKOM 
no/ib30BaTe/ibCKOM MHTepcjDeMce pa3AeneHO Ha KaTeropMM Ann Toro, 
HT 06 bl nOMOHb BaM C ZierKOCTbK) H3MTM nOAXOA^LUHM MHCTpyMeHT. 
KpoMe Toro Ha Be6caMTe Kali Tools 74 MMeeTca MCHepnbiBaK)Lum/i 
CnMCOK pa3/lMHHblX MHCTpyMeHTOB, AOCTynHblX B Kali, KOTopbie 
opraHM30BaHbi b KaTeropMM m OTMeneHbi cooTBeTCTByiomuM o6pa30M 
A.rm 6onee zierKoro npocMOTpa. Ka>KAaa 3anMCb coasp>kmt ASTa/ibHyio 
MHcjDopMauMK) 06 MHCTpyMeHTe, TaK>xe KaK m o npMMepax ero 
MCn0/lb30BaHM5T 


1 1.4.1 DoS aTaKa (Denial of Service) 

DoS 3T3KM Mcno/ib3yK)T yjR3BMMOCTb Ann Toro, HTo6bi co3AaTb noTepio 
o6c/iy>KMBaHM?i, name Bcero npepbiBaHMeM y?i3BMMoro npouecca. 
KaTeropMM Crpecc-TecTMpoBaHMfl (The Stress Testing) MeHK) Kali 


73 https://www.cvedetaits.com/vutnerabitities-by-types.php 
74 http://tools. kati.org/tools-tisting 
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Linux coAep>KHT onpeAe/iem-ioe KO/iMnecTBO MHCTpyMeHTOB Ann btom 
ue/iM. 

KorAa 6onbiunHCTBO /iKDAePi c/ibiniaT TepMMH «DoS aTaKa», ohm 
MOMeHTa/ibHO HaHMHaKDT AyMaTb 06 aTaicax noTpe6/ieHMfl pecypcoB, 
KOTOpbie HCXOA^T M3 MHO>KeCTBa MCTOHHMKOB OAHOBpeMeHHO npOTMB 
oahom ue/iM. 3tot TMn aTaKM 6yAeT Ha3biBaTbCJi pacnpeaeneHHan 
DoS aTaKa ( distributed denial of services attack), mjim DDoS. 
riOA06Hbie 3T3KM peAKO flB/lflKDTCfl HaCTbK) npOCjDeCCMOHanbHOM 
oueHKM 6e3onacHOCTM. 

Ha caMOM Ae/ie OAHHOHHaa DoS aTaKa name Bcero AB/iaeTCfl 
pe3y/ibTaTOM HenpaBM/ibHOM nonbiTKM Mcno/ib30BaTb ya3BMM0CTb. 
Ec/im aBTop BKcnnoMTa BbinycKaeT nacTMHHO cbyHKUMOHa/ibHbiM m/im 
KOHuenTya/ibHO BepHbiM (proof-of-concept PoC) koa, m oh 
Mcnonb3yeTc?i HenocpeACTBeHHO b Ae/ie, 3to MO>xeT co3AaTb yc/iOBMA 
Ann DoS aTaKM. flawe BepHO 3aKOAnpoBaHHbiM BKcn/iOMT cnoco6eH 
pa6oTaTb TO/ibKO b oneHb cneuMcf)MHecKMx o6cTOflTe/ibCTBax, ho oh 
MO>KeT HanaTb DoS aTaKy m npM MeHbiiiMx o6cTOflTe/ibCTBax. Mo>KeT 
noKa3aTbCjq, hto caMbiM BepHbiM pemeHMeM 6yAeT Mcno/ib30BaTb 
TO/lbKO H3AS>KHblM M npOBepeHHblM 3KCn/10MT m/im >xe HanMcaTb CBOM 
co6cTBeHHbiM. flawe b t3kmx ycnoBMax m npM TaKOM pemeHMM HeT 
HMKaKMx rapaHTMM, m 3to AOBO/ibHO cM/ibHO orpaHMHMBaeT oueHLAMKa, 
t.k. Bbi3biBaeT npe3MepHbie orpaHMneHMa, hto b cbokd onepeAb 
Bbi/iMBaeTcsi b xyALUMe pe3y/ibTaTbi oueHKM. PemeHMeM b ashhom 
CMTyauMM nsnnejcn KOMnpoMMcc. H36eraMTe KOHuenTya/ibHO BepHbix 
(PoC) koaob m HenpoBepeHHbix BKcn/iOMTOB b pea/ibHOM pa6oTe m 
BcerAa 3apynaMTecb noAAep>KKOM lopMCTa, KOTopbiPi cMO>KeT 
npMKpbiTb Bac, b c/iynae HeyAanM. 

KaK npaBM/io, 6o/ibi±iMHCTBO DoS aTaK He 3anycKaK)Tca HaMepeHHO. 
EO/lbLUMHCTBO aBTOMaTM3MpOBaHHblX MHCTpyMeHTOB yfl3BMMOCTM 
OTHecyT y?i3BMM0CTM k DoS aTaKaM k rpynne MeHbmero pMCKa, BBMAy 
Toro <£aKTa, hto xota Bbi m MO>KeTe yAa/iMTb c/iy>K6y M3 onepauMM, 3Ta 
c/iy>K6a He MO>KeT 6biTb Mcno/ib30BaHa A-rm Bbino/iHeHMA koas. 
OAHaKO, oneHb b3>kho noMHMTb, hto He Bee 3Kcn/ioi/iTbi BbmycKaKrrca 
ny6riMHHO m /iK)6afl ya3BMMOCTb k DoS aTaKaM MO>KeT 
3aMacKMpoBaTbc?i HaMHoro rny6>Ke, hto npeACTaBrmeT co6om HaMHoro 
6onbmyK) yrpo3y. Koa Bbino/iHeHMA BKcn/ioi/iTa A-rm DoS aTaKM MO>KeT 
cymecTBOBaTb, ho He 6biTb o6meAOCTynHbiM. OcHOBHaa Mbic/ib 
3aK/lK)HaeTCfl B TOM, HT 06 bl Bbl 06 pama/lM BHMMaHMe Ha yfl3BMM0CTM K 
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DoS aTaicaM m y6eAHTe cBoero K/ii/ieHTa ycraHOBMTb cooTBeTCTByiOLUMM 
naTH He3aBncnMO ot mx (name Bcero hm3koto) ypoBhm yrpo3bi. 


1 1.4.2 lloBpeMKAeHMe na/viflTM (Memory Corruption) 

noBpe>KAeHMe naMATM npoMcxoAMT, Kor^a MecTono/io>KeHMe npouecca 
b npocrpaHCTBe naMATM c/iynaMHO M3MeHfleTca M3-3a olum6ok 
nporpaMMMpoBaHM?i. Heno/iaAKM, cBA3aHHbie c noBpe>KAeHMeM 
naMj^TM, npMBOA^T k HenpeACKa3yeMOMy noBeASHMK) nporpaMMbi, 
OAHaKO, b 6o/ibLUMHCTBe c/iynaeB, btm Heno/iaAKM no3BormK)T 
MaHMny/iMpoBaTb naMATbio npouecca t3kmm o6pa30M, npM kotopom 
noTOK BbinonHeHMa nporpaMMbi mo>kho KOHTpo/iMpoBaTb, hto 
no3BO/iBeT onpeAe/iBTb aKTMBHOCTb, 3aBMcamyK) ot aTaicyiOLuero. 

3tm aTaKM o6bNHO othocat k nepeno/iHeHMK) 6y<t>epa, xota 
Mcno/ib30BaHMe 3Toro TepMMHa AB/iaeTCfl npe3MepHbiM ynpomeHMeM. 
HaM6onee pacnpocTpaHeHHbie TMnbi noBpe>KAeHMfl naMATM 
3HaHMTe/ibHO OT/iMHaiOTCB Apyr ot Apyra, t.k. Ka>KAaB M3 hmx 
o6naAaeT co6ctb6hhom Ta ktmkom m tcxhmkom, Heo6xoAHMOM A-rm 
ycneniHOM 3Kcn/iyaTauMM. 

• nepenoriHeHMe 6y<£epa CT3Ka (Stack Buffer Overflow): KorAa 
nporpaMMa 3anMCbiBaeT 6o/ibiiie AaHHbix b 6y<t>ep b creice, neM 
npocTpaHCTBO, KOTopoe A-rm Hero AOCTynHO, cMewHaa naMATb 
MOweT 6biTb noBpe>KAeHa, hto nacro npMBOAHT k c6ok> nporpaMMbi. 

• Pa3pyiiieHMe xMna (Heap Corruption): XMn naMATb o6biHHO 
pacnpeAe/iBeTCjR bo BpeMA BbinoriHeHMa 3aAan m o6bNHO coasp>kmt 
A aHHbie 3anymeHHOM nporpaMMbi. Pa3pyiiieHMe XMna npoMcxoA^T 
nyTeM MaHMny/iMpoBaHMA AaHHbiMM A-rm nepe3anMCM c noMombio 
CBJR3aHHOrO C HMM CnMCKa XMnOB naMflTM. 

• Ue/iOHMcnem-ioe nepeno/iHeHMe (Integer Overflow): 3 tm 
nepeno/meHMfl B03HMKai0T, KorAa npM/io>KeHMe nbiTaeTca co3AaTb 
HMc/iOBoe 3HaneHMe, KOTopoe He MOweT coAepwaTbca b npeAenax 
BbiAe/ieHHoro npocrpaHCTBa A-rm xpaHeHMA. 

• CTpoKa c|3opMaTMpoBaHMfl (Format String): KorAa nporpaMMa 
npMHMMaeT bboa no.nb30BaTe.rm m cj^opMaTMpyeT ero 6e3 npoBepKM, 
aneMKM naMfiTM MoryT 6biTb o6Hapy>KeHbi m/im nepe3anMcaHbi b 
33BMCMMOCTM ot Mcno/ib3yeMbix o6o3HaneHMM (MapicepoB) 
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ct>opMaTa. 


1 1.4.3 Be6-yfl3BMMOCTM (Web Vulnerabilities) 

B CBA3M c TeM, hto coBpeMeHHbie Be6-caPiTbi 6o/ibiiie He flBrmKrrcfl 
CTaTMHeCKMMM CTpaHMIjaMM, HO BMeCTO 3T0I"0 A^HaMMHeCKM 
reHepnpyK)TCfi A-rm no.nb30BaTe.rm, cpeAHecraTMCTMHecKMM Be6-caPiT 
AB/meTCfl AOBO/lbHO-TaKM C/10>KHblM. Be6-yfl3BHMOCTM MCnO/lb3yK)T 3Ty 
cno>KHOCTb b nonbiTKe aTaKOBaTb KaK back end norMKy crpaHMUbi, TaK 
h npe3eHTaunK) A-rm noceTMTe/m caPiTa. 

3tm Tkinbi aTaKM AOBO/ibHO nony/mpHbi, TaK KaK b Hame BpeMA MHorne 
opraHH3ai4MM aoctmitim tom tohkm, KorAa y hmx oneHb Ma/io BHeniHMx 
c/iy>K6. flByM 9\ HaM6o/iee pacnpocTpaHeHHbiMM TMnaMM aTaKM Be6- 
npM/10>KeHMM flB/mK)TCfl SQL-MH'beKUMa M Me>KCaMTOBblM CKpMnTMHT 
(XSS). 

• SQL-MH'beKUMfl (SQL injection): 3tm aTaKM Mcno/ib3yK)T 
HeKoppeKTHO 3anporpaMMMpoBaHHbie npM/io>KeHMfl, KOTopbie 
HenpaBMnbHO o6pa6aTbiBaK)T no/ib30BaTe/ibCKMM bboa, hto 
npMBOAMT K B03M0>KH0CTM 3anyCKa MHC|30pMaUMM M3 6a3bl AaHHbIX 
m/im Aa>Ke k nonHOMy 3axBaTy cepBepa. 

• Me>KcaMTOBbiM cKpMnTMHr (Cross-site scripting): KaK m b cnynae c 
SQL-MH’beKMMePi, aTaKM XSS AB/mtOTCfl pe3y/ibTaTOM HenpaBM/ibHoPi 
o6pa6oTKM BBOAa no/ib30BaTe/m, hto no3BO/meT 
3/ioyMbiLu/ieHHMKaM MaHMny/iMpoBaTb no/ib30BaTe/ieM mjim caPiTOM c 
noMombK) Bbino/iHeHMfi KOAa b KOHTeKCTe mx co6cTBeHHoro ceaHca 
6pay3epa. 

KoMn/ieKCHbie, pa3Hon/iaHOBbie m c/io>KHbie Be6-npM/io>KeHMfl 
flB/mKmm oneHb pacnpocTpaHeHHbiMM b Hame BpeMA, npeAOCTaB/um 
MAea/ibHbie yc/iOBMA A-rm aTaKM pa3/iMHHbiM 3/ioyMbimneHHMKaM. Bbi 
HaMAeTe AOBO/ibHO mhoto qeHHoPi m no/ie3HOM A-rm aac MH^opMauMM 
m MHCTpyMeHTOB b pa3Aene MeHK) AHa/iM3 Be6 npM/io>KeHMM (Web 
Application Analysis) m b MeTanaKeTe kali-linux-web. 


1 1.4.4 ATaKa B 3 AOMa napoAfl (Password Attacks) 
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Atskm B3noMa napo/ien - bto aTaKH Ha cncreMy ayTeHTncf)HKaunM 
c/iy>K6bi. 3th aTaKH AOBO/ibHO nacro npeBpamaiOTCJi b OH/iaHH aTaKH 
B3/iOMa napo/ien h ocjD/iaHH aTaKH B3/iOMa napo/ien, c neM Bbi MO>KeTe 
03HaK0MHTbCjq b pa3Ae/ie MeHK) ATaKH B3noMa napo/ien (Password 
Attacks). Bo BpeMfl OH/iaPm aTaKH B3/iOMa naporm, mhokcctbo 
pa3/iHHHbix napo/ien nepe6npaK)TCJi npoTHB 3anymeHHOH cncTeMbi. 
Bo BpeMA o<t>/ianH aTaKH B3/iOMa napo/ui, cHana/ia aTaKyiOLunn 
no/iynaeT xaniHpoBaHHbie h/ih 3aLUHcf)poBaHHbie 3HaHeHHJi napo/ien, 
a 3aTeM nbrraeTca no/iynHTb nncroe TeKCTOBoe 3HaneHHe. 3amnTOH ot 
AaHHoro Tnna aTaK nBnnejcn tot cJ^aKT, hto BbiHnc/iHTe/ibHO AOBO/ibHO 
Tawe/io pa6oTaTb b btom npouecce, orpaHHHHBaji KO/innecTBO 
nonbiTOK, KOTopbie MoryT 6biTb creHepnpoBaHbi b ceKyHAy. TeM He 
MeHee, cymecTByeT o6xoAHbie nyTH, KaK, HanpnMep, Hcno/ib30BaHHe 
rpac^HHecKHx npoueccopoB (GPU) A-rm ycKopeHHJi KO/innecTBa 
nonbiTOK, KOTopbie MoryT 6biTb cAe/iaHbi. MeTanaKeT kali-linux-gpu 
coAep>KHT onpeAe/ieHHoe KO/innecTBO HHCTpyMeHTOB, KOTopbie 
HCnO/lb3yK)T 3Ty MOLUHOCTb. 

Maine Bcero aTaKH B3/iOMa napo/ien, Haue/ieHbi Ha napo/in, 
ycTaHOB/ieHHbie nocTaBLUHKOM no yMO/inaHHK). B cbji3h c TeM, hto bth 
napo/in xopomo BceM H3BecTHbi, aTaKyKDLum^i npoBeAeTcKaHnpoBaHne 
b HaAe>KAe Ha yAany. flpyraa, He MeHee pacnpocTpaHeHHaa aTaKa, 
3to aTaKa nepe6op no c/iOBapK) (dictionary attack), bo BpeMjR kotopoh 
co3AaeTCJi cnncoK c/iob, KOTopbin 6bi/i aAanTnpoBaH k ue/ieBon cpeAe. 
3aTeM npoBOAHTCJi OH/iaPm aTaKa B3/iOMa napo/ui npoTHB 
pacnpocTpaHeHHbix, no yMO/inaHHK) h/ih >Ke npocTO H3BecTHbix 
yneTHbix 3anncen, rAe Ka>KAoe c/iobo nepe6npaeTCJi b onpeAe/ieHHon 
noc/ieAOBaTe/ibHOCTH. 

Bo BpeMJi oueHKH, oneHb b3>kho noHHMaTb noTeHuna/ibHbie 
noc/ieACTBHJi ashhoto Tnna aTaKH. Bo-nepBbix, ohh BcerAa co3AaK)T 
MHOTO IliyMa, BBHAy nOBTOpflKDLUHXCJl nonbiTOK ayTeHTHCj^HKaUHH. Bo- 
BTopbix, noAo6Hbie aTaKH nacro MoryT npnBecTH k 6/iOKnpoBaHHK) 
aKKayHTa H3-3a orpoMHoro KO/innecTBa HeyAaHHbix nonbiTOK bxoas, 
npoBeAeHHbix npoTHB ashhoto aKKayHTa. I/I HaKOHeu, 
npoH3BOAHTe/ibHOCTb AaHHbix aTaK AOBO/ibHO MeA/ieHHasi, hto 
npnBOAHT k TpyAHOCTJiM npn nonbiTKe ncno/ib30BaTb 
HCHepnbiBaiomm^ cnncoK c/iob. 
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1 1.4.5 AiaKM Ha K/iMeHTOB (Client-Side Attacks) 

EOUbLUMHCTBO aTaK npOBOflMTCfl npOTMB CepBepOB, HO T.K. CepBMCbl 
craHOBMTCfl Bee cno>KHee aTaKOBaTb, 6o/iee /lerio/ie uenM, b ashhom 
c/iynae, ywe 6binM Bbi6paHbi. Pe3y/ibTaTOM noAo6Horo Bbi6opa cTa/in 
aTaKM Ha kumchtob, rAe ue/ibK) aTaKyLomero 6yAeT uBnuTbcu 
pa3/iMHHbie npnno>KeHHjR, KOTopbie ycraHOBneHbi Ha ycrpoPicTBe 
coTpyAHMKa ueneBOM opraHM3auMM. B pa3Aeue 1/lHcrpyMeHTbi 
Couna/ibHOM MH>KeHepnM (The Social Engineering Tools) MMeeTcu 
6o/ibiiioe KO/ii/mecTBO npeKpacHbix npMno>KeHMM, KOTopbie noMoryT 
npoBecTM BaM otot Tun aTaK m. 

flaHHbiPi cnoco6 aTaKM uynuie Bcero npMMeHueTcu npoTMB Flash, 
Acrobat Reader, m Java, KOTopbie 6binM AOBO/ibHO LunpoKO 
pacnpocTpaHeHbi b paHHHX 2000bix. B btmx cuynaux 
3/ioyMbim/ieHHMKM 6yAyT nbuaTbCJR 3anpocnTb pen b noceTMTb 
BpeAOHOCHyK) Be6-CTpaHnuy. 3 tm crpaHMUbi 6yAyT coAepwaTb 
CneUManM3MpOBaHHblM KOA, KOTOpbIM 3anyCTHT yU3BMMOCTM B 
npnno>KeHMfix? ycTaHOB/ieHHbix y K/ii/ieHTa, hto npMBeAeT k 
B 03M0>KH0CTM 3anyCTMTb KOA Ha qeueBOM CMCTeMe. 

ATaK m Ha K/ikieHTa BcerAa oneHb c/io>kho npeAOTBpaTMTb, bto 
noTpe6yeT KanecTBeHHoro o6yneHMu nonb30BaTeneM, nocrouHHoro 
o6HOB/ieHi/m npMno>KeHMM m ceTeBbix cpeACTB ynpaB/ieHi/m A-rm 
3Cf)Cf)eKTMBH0r0 CHM>KeHMU pHCKa. 


11.5 noABefle/vi morn 

B 3tom rnaBe Mbi KpaTKO paccMOTpenM po/ib Kali b ccjDepe 
6e3onacHOCTM MH^opMauMM. Mbi o6cyAnuM Ba>KHOCTb hmctom, 
pa6oneM MHCTannuuMM m ncno/ib30BaHne i±mc|3poBaHi/m nepeA TeM, 
KaK HenocpeACTBeHHO HanaTb pa6oTy, HTo6bi 3amnTMTb MHcfjopMauMK) 
K/lkieHTOB, a TaK>Ke Ba>KHOCTb 33K0HH0CTM BaLUHX ASMCTBMM 
3amnTbi BaniMx HHTepecoB h HHTepecoB Bamero KUMeHTa. 

KOMnOHeHTbl TpnaAbl CIA (KOH(f)MA6HI4ManbHOCTb, Ue/lOCTHOCTb M 
AOCTynHOCTb) UBUUK)TCU nepBMHHblMM nyHKT3MM, Ha KOTopbie Bbl 
o6pamaeTe BHMMaHMe, kouas nbiTaeTecb o6e3onacnTb cHCTeMy KaK 
nacTb cTaHAapTHoro pa3BepTbiBaHMu CMcreMbi, ee noAAep>KKM mum 
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oueHKn. 3Ta KOHMenTya/ibHafl ocHOBa noMO>KeT BaM 
MfleHTMCjDHUMpOBaTb KpHTHHeCKHe KOMnOHeHTbl BailieM CMCTeMbl h 
KO/lMHeCTBO yCH/lHH H/1M pecypCOB, KOTOpbie Heo6xOflMMO 3aTpaTHTb 
Ann peweHUfl bo3hmkluhx npo6/ieM. 

Mbi o6cyAn.nn HecKO/ibKO thiiob yfl3BHM0CTen, t3khx KaK Bbino/meHUfl 
c^aPi/ia (file inclusion), SQL nHteKui/m, nepeno/iHeHne 6y<£epa m 
cocTOJ^HMe roHKi/i (race conditions). 

TOHHOCTb CMTHaTypbl Hpe3BblHaHHO Ba>KHa A-rm no/iyHeHMA nO/ie3HblX 
pe3y/ibTaTOB oueHKH y^3BHMOCTM. HeM 6o/ibi±ie npeACTaB/ieHO 
AaHHbix, TeM Bbiiiie niaHc nonyHHTb TOHHbie pe3y/ibTaTbi ot 
aBTOMaTH3MpOBaHHOrO CKaHMpOBaHMfl Ha OCHOBe CMTHaTypbl, H 
HMeHHO no3TOMy AaHHbiPi Tun cKaHnpoBaHHfl cei/inac oneHb 
nony/uqpeH. 

B CBA3H C TeM, HTO aBTOMaTH3HpOBaHHbie HHCTpyMeHTbl HCnO/lb3yK)T 

CMTHaTypbi A-n^ BbmB/ieHHfl yfl3BHMOCTen, ;no6oe He3HaHHTenbHoe 

OTKnOHeHMe OT H3BeCTHOH CMTHaTypbl MO>KeT M3MeHMTb pe3y/lbTaT H 
060 CH 0 BaHH 0 CTb BOCnpHHHMaeMOH yfl3BHMOCTH. 

Mbi TaK>Ke o6cyAnnn neTbipe Tuna oueHKH: 

1. OLteHKS yn3BHMOCTH, 

2. TeCTHpOBSHHe Ha npOHHKHOBeHHe Ha OCHOBe COOTBeTCTBHB, 

3. TpaflHLfHOHHOe TeCTHpOBaHHe Ha npOHHKHOBeHHe 

4. OLteHKa npHno>KeHHB. 

HecMOTpa Ha to, hto KawAbiPi Tun oueHKH ncno/ib3yeT K/noneBOH 
Ha6op HHCTpyMeHTOB, MHOTMe HHCTpyMeHTbl H TeXHO/lOTHH 
nepen/ieTaiOTCJT 

OueHKa yfl3BHMOCTH OTHOCHTe/lbHO npOCTa no CpaBHeHHK) C APyrMMM 
THnaMH OUeHOK H HaCTO COCTOHT H3 aBTOMaTH3HpOBaHHOH 3anHCH 
o6Hapy>KeHHbix BonpocoB b ue/ieBOH cpeAe. B btom pa3Aene Mbi 
06 cyAH/lH, HTO yfl3BHMOCTb - 3T0 HenO/iaAKa H/1H H3"bflH, KOTOpblH npn 
o6Hapy>KeHHH MO>KeT noAaeprHyTb pncKy KOHc^HASHuna/ibHOCTb, 
Ue/lOCTHOCTb H/1H AOCTynHOCTb HH(f)OpMai4HOHHOH CHCTeMbl. B CBA3H C 
TeM, hto 3tot THn oueHKH ocHOBaH Ha cnrHaType, oh 6a3HpyeTca Ha 
TOHHbix cHTHaTypax h MOweT npeACTaB/iJiTb /io>KHonono>KHTe/ibHbie 
h/ih noKHOOTpnuaTe/ibHbie pe3y/ibTaTbi. Bbi MO>KeTe HaPiTH K/iioneBbie 
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MHCTpyMeHTbi A-rm 3Toro Tuna oueHKn b pa3Ae/ie MeHK) Kali Linux - 
AHa/iM3 ysi3BHM0CTn (Vulnerability Analysis) h nHCTpyMeHTbi 
3KcnnyaTaunM (Exploitation Tools). 

TecTMpoBaHHe Ha npoHHKHOBeHi/ie Ha ocHOBe cooTBeTCTBHfl 
6a3i/ipyeTca Ha npaBMTe/ibCTBeHHbix h caHKUHOHHpoBaHHbix 
npoMbiLuneHHOCTbK) Tpe6oBaHMjqx (t3ki/ix KaK PCI DSS, DISA STIG, 1/1 
FISMA), KOTopbie, b cbokd onepeAb, ocHOBaHbi Ha craHAapTe 
COOTBeTCTBMfl. 3T0T TeCT 06 blHH 0 HaHMHaeTCfl C OLieHKH yfl3BHMOCTM. 

TpaAHUHOHHoe Tecn/ipoBaHi/ie Ha npoHHKHOBeHi/ie - bto my6oKafl 
oueHKa 6e3onacHOCTn, KOTopaa co3AaHa f\r\9\ Toro, HTo6bi y/iynniHTb 
o6myK) cMTyauMK) 6e3onacHOCTn opraHH3aum/i, ocHOBaHHon Ha 
onpeAeneHHbix pea/ibHbix yrpo3ax. 3T0TTi/m Tecn/ipoBaHi/ia BK/nonaeT 
HecKonbKO maroB (0Tpa>KeHHbix b cTpyKType MeHK) Kali Linux) h 
3aBepi±iaeTCfl i/icno/ib30BaHi/ieM yfl3Bi/iMOCTePi h nepeK/noneHi/ieM 
AOCTyna c oahoh Mawi/mbi k ApyrHM ManiHHaM h ceTAM b npeAe/iax 
qe/ieBoro Anana30Ha. 

OueHKM npi/moKeHMA (o6bNHO white-box h/ih black-box) 
KOHUeHTpi/ipyKDTCfl Ha OAHOM npH/10>KeHI/ll/l H HCnO/lb3yK)T 
cneuna/in3npoBaHHbie MHCTpyMeHTbi, KOTopbie 6bmi/i o6Hapy>KeHbi b 
KaTeropm^x MeHK) - AHa/ 11/13 Be6 npi/mo>KeHMfl (Web Application 
Analysis), OueHKa 5a3bi AaHHbix (Database Assessment), 06paTHaa 
Pa3pa6oTKa (Reverse Engineering) 1/1 1/lHcrpyMeHTbi 3Kcn/iyaTauni/i 
(Exploitation Tools). 

06cy>KAa/incb HecKO/ibKO bhaob aTaK, BK/nonafl: DoS aTaKy (Denial of 
Service), KOTopaa HapyuiaeT noBeAeHHe npi/mo>KeHi/m h Ae/iaeT ero 
HeAOCTynHbiM; noBpe>KASHne naMATi/i, KOTopaa npHBOAHT k 
M aHMnynjquMH AOCTynHoPi naMATbio, hto nacTO no3BO/ifleT 
Bbino/iHeHMe koas aTaKyiomei/i CTopoHoPi 3/ioyMbinineHHHKa; Be6- 
aTaKH, KOTopbie aTaKy kdt Be6-cepBncbi, ncno/ib3yfl TexHO/iorm/i Tuna 
SQL HHteKUMH i/i Me>KcaMTOBbiM cKpi/inTHHT (XSS aTaKH); H aTaKM 
B3/iOMa napo/ia, KOTopbie nacTO ncno/ib3yK)T cm/icoK naponePi A-rm 
aTaKH cepBHCHbix yneTHbix AaHHbix. 
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HacTb 12 : 3 aK/uoMeHMe 


no3ApaB/iaeM! HaAeeMCjq, cei/inac Bbi HaMHoro nyHLue no3HaKOMM/iMCb 
m y3Ha/in cMCTeMy Kali Linux, m BaM He c/ieAyeT 6 o 9 \ TbC 9 \ 
3KcnepnMeHTnpoBaTb c HePi. Bbi o6Hapy>KM/iM ee caMbie MHTepecHbie 
CBOMCTBa, ho TaK>Ke Bbi 3HaeTe npeAenbi ee B03M0>KH0CTeM, a TaK>Ke 
Cn 0 C 06 bl, C nOMOLUbK) KOTOpbIX MX MO>KHO 060 MTM. 

Ec/im Bbi noKa eiue He Mcno/ib30Ba/iM Bee cBOMCTBa, Aep>KMTe 3Ty 
KHMry no6/iM30CTM, HTo6bi npM Heo6xoAHMOCTM 3ar/ijRHyTb b Hee m 
OCB e>KMTb CBOK) naMflTb. riOMHMTe, HTO HeT HMnero /lynilie npaKTMKM 
(M/1M HaCTOMHMBOCTM), HT 06 bl pa3BMB3Tb HOBbie HaBbIKM. « CTaPaMTeCb 
vnopHee 75 ». - KaK He ycTaiOT noBTop^Tb cneuMa/iMCTbi Offensive 
Security. 


12.1 npOflOAMOeM C/ieflMTb 3a 06 H 0 B/ieHMflMM 

C nocTOfiHHO M3MeH?iK)mnMCfi AncTpM6yTMBOM kali-rolling HeKOTopbie 
pa3/ienbi khmtm o6fJ3aTe/ibHO cranyT ycrape bliimmm. Mbi c/je/iaeM Bee 
B03M0>KH0e, vTo6bi m/]tm b Hory co BpeMeHeM (no KpanHen Mepe, 
OTHOcmenbHO OHnanH Bepcnn), a /]/in neKoropbix pa3/xenoB Mbi 
nonbira/iMCb /jaTb o6m.ee o6bncHeHne, Koropoe 6y^er/xencrsmejibHO 
aonroe BpeMft. 

B HeM TOBOpMTCfl, HTO Bbi AO/l>KHbl 6blTb TOTOBbl npMHMM3Tb 
M3MeHeHMjR m MCKaTb penieHMe B03HMKaK)mnx npo6/ieM. npM /lyHLLieM 
noHMMaHMM Kali Linux m ee OTHOLueHMA k Debian Bbi MO>KeTe 
paccHMTbiBaTb Ha coo6mecTBa Kali Linux m Debian m mx 
MH oroHMc/ieHHbie pecypcbi (6ar TpeKepbi, <£opyMbi, cnMCKM paccbi/iKM 
M T-A-)/ eC/lM y BaC B03HMK/1M C/10>KH0CTM. 

He 6 oMTecb AOKyMeHTMpoBaTb B03HMKLUMe olum6km (cM.pa3Ae/i 6.3 , 
" flPAana rpaMOTHO cocTaB/ieHHoro OTHeTa 06 oniM 6 Ke " [cTp.129])! 
Ec/im Bbi, KaK m n , 3aBepniM/iM 3ano/iHeHMe xopomero OTneTa 06 
oniM 6 Kax (y MeHA bto 3aHfl/io KaKoe-TO BpeMfl), Bbi y>Ke peniM/iM 
npo 6 neMy m/im, no KpaPmeM Mepe, Ham/iM nyTM ee o 6 xoAa. A 


75 https://www.offensive-security.com/offsec/say-try- harder/ 
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AeMCTBHTe/ibHbiM cocraB/ieHneM OTneTa 06 oi±in6Ke, Bbi noMO>KeTe 
ApyrMM, KOTopbie cTO/iKHy/incb c Taxon npo6/ieMon. 


12.2 rioflTBepflme no/iyneHHbie Ba/vin 

Bbi ropAMTecb HOBbiMn HaBbiKaMM Kali Linux? Bbi MO>KeTe c 
yBepem-iocTbK) cxa3aTb, hto noMHMTe no-HacToameMy Ba>KHbie Benin? 
Ec/in Bbi OTBeTMTe Aa, to BaM ctout o6paTHTbca k nporpaMMe Kali 
Linux Certified Professional. 

3to xopomee noATBep>KASHne, KOTopoe rapamnpyeT, hto Bbi 3HaeTe, 
KaK pa3BopannBaTb (ycTaHaB/inBaTb) n ncno/ib30BaTb Kali Linux b 
pa3/inHHbix c/iynajix. 3to xopomee Aono/iHeHne k BameMy pe3K)Me, 
KOTopoe AOKa3biBaeT, hto Bbi MOKeTe ABnraTbca Aa/ibwe. 


12.3 ^BM>KeMCB Aa/ibwe 

3Ta KHnra Haynn/ia Bac MHoroMy, a nMemno 6o/ibmnHCTBy Bei±ien, 
KOTopbie Aon>KeH 3HaTb ruo6on no/ib30BaTe/ib Kali Linux, ho, TeM He 
MeHee, HaM npnm/iocb cAe/iaTb mhokcctbo He/ierKnx Bbi6opoB, unn 
Toro, HTo6bi npnAep>KHBaTbCfl npneM/ieMoro obteMa KHnrn. BBMAy 
3Toro, HaM He yAa/iocb 3aTpoHyTb mhokcctbo He MeHee Ba>KHbix 
BonpocoB n TeM. 


12.3.1 OTHoenTeAbHO cncTe/viHoro aAMnHncTpnpoBaHnfl 

Ec/in Bbi xoTHTe y3HaTb 6o/ibi±ie o cmctcmhom aAMnHncTpnpoBaHnn, 
to b TaKOM c/iynae Mbi mokcm nopexoMeHAOBaTb BaM, 03HaK0MnTbca 
co CnpaBOHHUKOM aAMMHncTpaTopa Debian (Debian Administrator's 
Handbook): https://debian-handbook.info/qet/ 

Bbi HanAeTe TaM mhokcctbo Aono/iHHTe/ibHbix r/iaB o 
pacnpocTpaHeHHbix c/iy>K6ax Unix, KOTopbie HaM, k co>Ka/ieHHK), 
npnmnocb no/iHOCTbK) onycTMTb b Hawen KHnre. \A Aa>Ke b Tex nnaBax, 
KOTopbie Mbi ncno/ib30Ba/in b 3Ton KHnre, Bbi HanAeTe mhokcctbo 
AOnO/lHHTe/lbHblX COBeTOB, B OCHOBHOM OTHOCHTe/lbHO CHCTeMbl 
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naKeTi/ipoBaHMfl (KOTopaa T3K>Ke paccMaTpMBaeTca 6onee AeTa/ibHO 
Ha cBoeM caMOM hm3kom ypoBHe) 

KHHra Debian (Debian book) ohcbmaho npeACTaBMT 6o/iee my6oKO 
coo6mecTBO Debian m to, kokmm o6pa30M oho opraHM30BaHO. He 
CMOTpSI Ha TO, HTO 3TH 3HaHM3 He AB/lfllOTCfl >KM3HeHHO B3>KHblMM, TeM 
He MeHee, bto AeMCTBMTe/ibHO no/ie3HO 3HaTb oco6eHHO, KorAa BaM 
Hy>KHO B3anMOASMCTBOBaTb co cneMMa/iMcraMM Debian, HanpMMep, 
KorAa Bbi BMecTe pa6oTaeTe HaA othctom 06 OLun6Ke. 


12.3.2 OTHOCMTeAbHO TeCTMpOBaHM?! Ha npOHMKHOBeHMe 

Bo3mo>kho, cei/inac Bbi 3aMeTM/iM, hto 3Ta KHM>KKa He yni/iT Bac 
HenocpeACTBeHHO npoBeAeHMio TecmpoBaHMA Ha npOHMKHOBeHMe, 
ho, TeM He MeHee, Te Benin, KOTopbie Bbi M3yHM/iM, 5 rb/ijrk)tcjr oneHb 
Ba>KHbiMn. Tenepb Bbi roTOBbi no/iHOCTbio ncno/ib30BaTb boo Mouib 
Kali Linux, Jiynnie n/iaTc^opMbi A-na npoBeAeHMA TecmpoBaHMA Ha 
npOHMKHOBeHMe. 1/1 Bbi nonyMM/iM 6a30Bbie HaBbiKM b cMCTeMe Linux, 
KOTopbie Heo6xoAHMbi A-rm Hana/ia TpeHMpoBOK c Offensive Security. 

Ec/im Bbi nyBCTByeTe, hto Bee ei±ie He roTOBbi k TOMy, HTo6bi HanaTb 
npoxoAHTb n/iaTHbie Kypcbi, Bbi MOweTe HanaTb 6ecn/iaTHbie OH/iaMH 
Kypcbi Metasploit Unleashed 76 . Metasploit flBrmeTCfl oneHb 
nony/iapHbiM MHCTpyMeHTOM A-rm npoBeAeHMA TecmpoBaHMfl Ha 
npOHMKHOBeHMe, M BaM npOCTO Heo6xOAHMO 03HaK0MMTbCfl C HMM, 
ec/iM Bbi cepbe3HO HacTpoeHbi M3ynMTb TecTMpoBaHMe Ha 
npOHMKHOBeHMe. 

CneAyKDLAUM norMHecKMM maroM 6yAeT M3yneHMe OHnaMH Kypca 
Penetration Testing with Kali Linux 77 . KOTopbiM npoBeAeT Bac no 
M3BecTHOMy nyTM no/iyneHMe cepTMc^MKauMM "Offensive Security 
Certified Professional". 3tot OH/iaMH-Kypc mo>kho Bbino/iHATb b CBoeM 
co6cTBeHHOM TeMne, ho cepTMc|}MKaLiMfl Ha caMOM Ae/ie npeACTaBrmeT 
co6om cno>KHoe, 24-nacoBoe, pea/ibHoe, npaKTMnecKoe TecmpoBaHMe 
Ha npOHMKHOBeHMe, KOTOpOe npOXOAHT B M30JlMp0BaHH0M CeTM VPN. 

Bbi roTOBbi K HOBbIM Bbl30B3M M npenflTCTBMflM? 


76 https://www. of fen si ve-security.com/metasptoit- unleashed/ 
77 https://www. of fen si ve-security.com/information- security-training/ 
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